"Closed source development hides faults so that the customers don't get scared off. "
Thanks to Open SSL etc, we know that the quality of Open Source code is often awful with zero proper security reviews in 18+ years...so being in public view doesn't mean anything is secure.
"that should tell you all you need to know about the accuracy of vulnerability counts for closed source."
It doesn't tell me anything about vulnerability counts for Microsoft OSs. However (seeing as Linux isn't really used on the desktop), try comparing defacement via remote exploit rates for internet facing webserver OSs, or malware levels on mobile phone OSs then...
Biting the hand that feeds IT
