Anything human made is prone to all the errors humans make. At least with Open Source, there are more eyes that can spot mistakes, potentially even provide a fix.
Sure, that means bad actors can find them too. But closed source doesn’t prevent that: Raising the hurdles may slow them down, but they if they have a financial incentive to keep trying, it won’t stop them as effectively as it stops the type of people who would do a responsible disclosure instead of selling the information.
Anything that isn’t open source can’t be secure. That doesn’t mean that everything open source is secure though.
Anything human made is prone to all the errors humans make. At least with Open Source, there are more eyes that can spot mistakes, potentially even provide a fix.
Sure, that means bad actors can find them too. But closed source doesn’t prevent that: Raising the hurdles may slow them down, but they if they have a financial incentive to keep trying, it won’t stop them as effectively as it stops the type of people who would do a responsible disclosure instead of selling the information.