[Hnrobert42]

Security through obscurity isn’t foolproof, but it isn’t entirely foolish, either. It can reduce risk if part of a layered defense strategy.

It is important to remember though that it is not the number of users but but the value of the compromise that determines how compelling the O/S is. There are like vintage mainframe O/Ses for which folks are actively developing compromises because some government or telco hasn’t migrated off. Then again, those teams aren’t going to waste a exploit on somebody’s home Usenet archive.

TL;DR: nevermind. I am too busy arguing with myself to be coherent.