Re: Geezer's blog posts
> Is it true that having urls embedded in the code of the application but not obfuscated in any way is really a major security issue?
No. Not sure why he has a problem with it. Although having them easily accessible definitely makes things easier for attackers, the whole point of good security practice is that if you have your shit together then people hitting your API end points isn't a problem.
Security by obscurity isn't really a best practice approach. ;)