Security by obscurity refers to bad practices that considers the opaqueness of a system its security advantage. In reality, obscurity is of course not a solid defense against attackers, and chances are malicious actors will find ways in no matter what. That said, it doesn’t mean it’s a good idea to disclose unnecessary information about your system’s internals. We still want the attacker to know as little about our system as possible; we just don’t want this opaqueness to be our only line of defense.