A religious approach is not appropriate for technical issues. What you call "security through obscurity" is not the Devil, to be shunned at every step. That's just a meme that's been uncritically propagated via social media.
Hiding things has its value. Learn how to use all tools at your disposal, wisely.
One could argue all security is "through obscurity". The encryption key exists somewhere in the parameter space, which is open to everyone. You just don't know where it is.
It is more productive to think of the onion model of security. Any technique is just another layer in the onion. As long as you have a sufficient number of layers, and they're all good in different ways, you're probably fine.
> A religious approach is not appropriate for technical issues. What you call "security through obscurity" is not the Devil, to be shunned at every step.
Of course not, and frankly that's a gross mischaracterization of the parent's point. The problem is not that security through obscurity is the devil; the problem is that security through obscurity is not security, and is not useful when you need security.
> The encryption key exists somewhere in the parameter space
This misses the point of cryptography, which is that you (roughly) have to try each possible key separately. So, for example, the combination of a 64-bit security layer (or set of layers) with another 64-bit security layer is a 64-bit security layer, not a 128-bit security layer, which you should know if you know what "parameter space" means.
Hiding things has its value. Learn how to use all tools at your disposal, wisely.
One could argue all security is "through obscurity". The encryption key exists somewhere in the parameter space, which is open to everyone. You just don't know where it is.
It is more productive to think of the onion model of security. Any technique is just another layer in the onion. As long as you have a sufficient number of layers, and they're all good in different ways, you're probably fine.