Was listening to one of the IT Conversation's recordings at Gnomedex 4 regarding the future of security (was in the RSS feed, not yet on the main site for some reason) and it was kind of funny to hear that Microsoft (who as a panelist) will not release APIs to the public if they feel they are not secure yet.

It wont take people very long to document all the public classes, and knowing that since the API hasn't been released yet attackers will focus more on those areas.

When will Microsoft learn that security through obscurity just does not work.