by k__ 3627 days ago
Really?

I thought everyone dropped "security by obscurity" a long time ago.

3 comments

I was actually thinking along the lines of fuzzing for exploit development.

You want a unique bug that will last a long time. In which case, your fuzzing techniques are a trade secret. A lot of fuzzing advances take place behind closed doors.

Project Zero has some people with interesting backgrounds doing bug hunting for good.

I hold the belief that Google must be getting something else out of Project Zero other than just "we hire the best hackers" bragging rights.

I figure they're selling exploits (the ones they don't publicise) to governments.

Contrary to popular opinion...

Obscurity is effective as one layer in a layered defense.

"Defense in depth".

By itself, sure: but it can only help if used in tandem with other methods.