[selfmodruntime]

I firmly believe that security by obscurity should be given more credit than is done normally. If you are a pretty uninteresting target and you want to protect your binaries, making them too tough of a nut to crack in comparison to the motivation of the reverse engineer is a valid strategy.

[batch12]

It's not that there's no value in security-by-obscurity. The issue is when it's the only control. I agree that some are too quick to dismiss operational security controls.

[chii]

it's certainly valid. Obscurity is cheap and easy.

The only problem is when it's the _only_ security for certain types of threat models that require defence in depth - such as credentials in authentication.