Basically, what he's doing there is falling back upon the tired old argument--highly popular among closed-source vendors and those that make a living off of their products--that open source software's . It's called the old "" claim, and those of us who have been watching this industry for more than a few minutes know it well.

"If hackers can't see the code," the old argument goes, "then it's harder for them to create exploits for it."

The reality, however, is that it just doesn't work that way--as evidenced by the ever-increasing coming out of Redmond. First, even developers for Windows or the iPhone, say, have to understand the underlying architecture in order to create their applications. It's by no means a Big Secret.

A Misplaced Trust

Second, no closed-source company's limited set of developers--each of which is bound to have its own timetable and agenda--can possibly do a better job of finding and eliminating vulnerabilities than the worldwide mass of developers and users, which is who's at work 24/7 for open source software's security.