> We’ve all heard about how “security through obscurity” isn’t real security
This is something that programmers enjoy repeating but it has never been true in the real world.
You can only say that if you have no idea about cryptography. It is definitely true in the real world, but it needs the right context to be relevant.
It is related to Kerckhoffs principle: "The design of a system should not require secrecy, and compromise of the system should not inconvenience the correspondents"
This means that all of the security must reside on the key and little or nothing in the method, as methods can be discovered and rendered ineffective if that's not the case. Keep in mind that this is for communication systems where it is certain that the messages will be intercepted by an hostile agent, and we want to prevent this agent to read the messages.
When implementing modern cryptographic systems, it is very easy to misuse the libraries, or to try to reimplement cryptographic ideas without a deep understanding of the implications, and this leads to systems that are more vulnerable than intended.
Security by obscurity is the practice of some developers to reinvent cryptography by applying their cleverness to new, unknown cryptosystems. However, to do this correctly, it requires deep mathematical knowledge about finite fields, probability, linguistics, and so on. Most people have not spent the required decades learning this. The end result is that those "clever" systems with novel algorithms are much less secure than the tried and true cryptosystems like AES and SSL. That's why we say "security by obscurity" is bad.
Now, going back to the main topic: Hacker News is not a cryptographic system where codified messages are going to be intercepted by an hostile actor. Therefore Kerckhoffs principle doesn't apply.