
It goes both ways, being open-source can also make your product more secure, as it's out in the open and a lot more eyeballs look at the code.


Tell that to OpenSSL


Open source allows for the possibility of 'many eyes making all bugs shallow', but I think the open source community assumed that was a guarantee, at least in the case of mission critical software - it's important so obviously it's being scrutinized, right?

On the other hand, with closed source, people are presumably being paid to study the code, potentially fewer but a still fixed number of eyes on the code, as it were. But then, since it's closed source, no one really knows what's going on outside the company.

Moral arguments aside, neither system is perfect.


Where's your flawless closed source SSL implementation?


Wow. Offended much? Did I say (or even imply) I had one? All I did was provide a counter to the claim that open source means more eyes which could make your software more secure.


>All I did was provide a counter to the claim that open source means more eyes which could make your software more secure.

You really didn't say much about open source and its ability to find bugs; you just cited a particularly nasty set of bugs on an open source project as a way to condemn all of open source work to being as bug-ridden as other methods.

It was more snark than it was providing a clean example as a counter-point. Someone could easily point out the millions of bugs in closed source projects as a counter to your point of equal caliber; but I think that it's clear to most of us that NO methods that we yet understand will result in bug-free code.



