Yes, open source software is usually safer because of all the eyeballs. When an exploit is found it is made public and fixed. Often, with closed source software you have the script kiddies discovering the exploits first.

I've found open source to be relatively safe, especially the larger, more visible projects.

There is a myth that open source gets more tested more because more people can examine the source code for bugs. This might be true of large products such as Apache or Mozilla, but I doubt it is true of each of the 42,000 projects currently listed at Sourceforge.

The strength or lack-of-strength of a product has nothing to do with open vs non-open source. It has to do with the leadership and management of the project.

Personally, I would investigate the strength of the product myself (or assign one my of people to it) regardless of whether it is rumored to be secure or not. I would not trust any product, open source or closed source, without my own investigation.

Richard Lowe

Another thing to bear in mind is that open source code is bespoke...people tweak it here and there and pass it on.

Huge, mainstream software (i.e. M$) is used so widespread that its the first one to be exploited in a bad way.

I would sway towards open source...knowing that id probably learn in the long run "with them" in making my own code.