A lot of bad takes in here.

Here are a few things that apparently need to be stated:

• Any code that is distributed can be audited, closed or open source.
• It is easier to audit open source code because, well, you have the source code.
• Closed source software can still be audited using reverse engineering techniques such as static analysis (reading the disassembly) or dynamic analysis (using a debugger to walk through the assembly at runtime) or both.
• Examples of vulnerabilities published by independent researchers demonstrates 2 things: people are auditing open source software for security issues and people are in fact auditing closed source software for security issues
• Vulnerabilities published by independent researchers doesn’t demonstrate any of the wild claims many of you think they do.
• No software of a reasonable size is 100% secure. Closed or open doesn’t matter.