Talk:Assume attackers have source code
Possible Candidate for Removal
I believe the content in this article could be folded in with the Avoid security by obscurity article. In essence, the reliance on compiled code to hide the vulnerabilities that may be apparent in the source code is a form of Security Through Obscurity.
You're right, but I think it's a useful principle and should be separate. Most developers don't realize that their code is not a secret. We could make Security by Obscurity a category. Or we could just note that this is a form of security by obscurity and provide a link. Jeff Williams 07:25, 23 May 2008 (EDT)