Re: "they're both absolutely unacceptable"
You'd be assuming incorrectly, but nice try at going "Well what would you know, you don't even work in the industry...".
I have heard of NDAs, I've even signed them from time to time; they've not prevented me reporting any abuse. NDAs generally relate to products, projects, etc. that partners and clients would like to maintain some secrecy/control over. They don't, in my experience, relate to things like "we get to abuse you but you don't get to report it". If you're talking about confidentiality clauses in settlements then the relevance of my working background is questionable at best, since such clauses are not industry specific.
I have not tolerated abuse nor resigned myself to being abused. When I have spotted abuse, I have reported it. Thankfully it's been a pretty rare occurence for me; perhaps I've just been lucky with the places I've worked.
As for "Asking a forum regular on El Reg how he could possibly know about what happens at software companies is a bit obtuse, isn't it, given that probably 99% of the readership works in tech?"
I'm not asking how you know, I'm asking for proof of what you're saying WRT open source being magically better than proprietary software for handling abuse. From what I can see, it's basically "because OSS!" Given that I too work in software and have not seen much of this dark, murky underworld you talk of over the past 15 years or so I'm slightly dubious.
Given our experiences apparently differ, I don't think that asking for some sort of *proof* of your assertions is that much to ask for. Or do I just accept that, as a forum regular, whatever you say is true simply because you said it? (I should point out too that I've been reading el reg since around 2001 so I'm hardly a stranger either.)