Closed-source code isn't that much less secure than open one that I think this is a legitimate worry, especially in this case where the obfuscation doesn't sound like it was effective much