>4. "Security through obscurity" works reasonably UNTIL someone does get their hands on the code (even just parts of it) and makes it 'available". Suddenly you've gone from pretty good security to NONE!

So you're supporting my argument? When they have your source code, you have no security.


I never claimed obscurity was a sufficient defense by itself. But it sounds like a good addition to.