Re: I remember my Java and Linux friends spouting that junk too.
No system can be 100% secure indefinitely as over time a "secure" system will become insecure due technology progressing. So let's take "secure" to mean "invulnerable to the best-effort attempt available at the moment".
Ben Tasker gets closer to what I meant. I wasn't talking about F/OSS as such, just that security by obscurity is useless. It's useless because the user (i.e. the customer) is unaware what vulnerabilities exist and is thus unable to mitigate them.
Let's take a more mundane example. Your front door probably has a Yale-style lock. It is "secure"? As in, is it anti-bump, anti-snap, anti-pick and anti-drill? How do you actually know? From the packaging? Or from details on how the lock works and its design?
The former is security by obscurity, the latter is full disclosure. For example, anti-snap can have the weakening cur from the top to the bottom, or the bottom to the top. One of these designs is almost certainly worthless, the other is better; which is which? How can you know unless the details of how ant-snap locks work is in the public domain?
Now let's come back to Thales. If we know all the details on how the Thales system works, based on our knowledge of good security design and procedures which should all be in the public domain we can maybe say "I know how this lock/system works, and I am satisfied that when it engages it will remain secure". It also allows us to take mitigating actions should a vulnerability exist. Or you just believe the hype (*cough*Medeco*cough*). Luckily you can find out all about this (at the moment). Imagine how things would be if only the bad guys knew? And only the bad guys would know because the good guys would be too scared to discuss it in case they ended up in jail.
Oh and something else to consider, if you are relying on the packaging of your locks, your insurance might be invalid (even if it claims to meet the correct standards); so that £15 lock you just got from the DIY store might end up costing you an awful lot more.