
..sounds like security through obscurity to me.

That sounds like you are echoing something you heard once without understanding the reasoning behind it.

Security through obscurity usually doesn't make sense WRT computer security because the attacks that computer systems are often subject to are sustained for long periods and can't be stopped (think of someone downloading your software to attack it).

In a military situation you do have the capability to retaliate and/or reinforce. This changes the situation because it makes time a critical factor. In that case, obscurity makes a lot of sense because it slows down the attacker. When you have the ability to change things yourself, anything that slows down the attack is useful.

This applies to computer security too - if you can detect an attack, then anything that stops that attack from being successful for long enough that you can neutralize the attack vector is useful. This doesn't imply "security through obscurity", but it does imply that you have defence-in-depth, and you don't give out information about what those lower-level defences are. Then if your outer layer is breached there is at least some chance the attacker will trigger some kind of alert while working out what the next layer of defence is. That isn't "security through obscurity", it is "security and obscurity".



