| It doesn't seem likely that Google GSA uses the same algo as their web search. Not to mention that security by obscurity is most effectively breached through trial and error Really? I'm not a security expert, but isn't brute force impractical except in the smallest of search spaces? there's nothing stopping you from gaming Google's algorithm right now (and many spammers are doing just that) True, but the situation would probably be even worse if the algorithm were open, wouldn't you say? If you can't secure your code while being open about your methods, obscurity won't help in the long term. Also true, but as other people have already commented, this is more like a matter of policy than security. And besides, some methods can be open because they're intrinsically hard to get around, (e.g. crypto algorithms: cos it's math, baby) and others because they're expensive (e.g. I don't know, hardware requiring expensive/rare materials?). However, web search algorithms are horses of another color, aren't they? I hesitate to say for certain, but it's possible that there is no search algorithm that cannot be gamed if it is known. If that is the case, then security by obscurity, while not being an ideal solution, may in fact be the only option. |