This week, I made a very quick presentation at a free software conference about the result of the hack.lu 2006 (a computer security conference in Luxembourg that I co-organized with other members of the CSRRT-LU). They were asking me about the status of Free Software in the world of "computer security". Sorry to say that but security is not a default feature in software. Sofware is essentially unsecure, crappy and unstable. This is valid for free software and proprietary software. The main and essential benefit of free software is its ethical value not its practical value.
At first glance people, listening to the FUD spread by media, found the statement strange as they were quite sure that free software is inherently secure. This is plain wrong; Software is software and designed, often by default, to be crappy. Of course, Free software is providing some advantages (the famous 4 freedoms) over proprietary software to make it less crappy, more stable and more secure. But the authors and users of free software must use the possibilities offered by those freedoms to build better software. It's clearly not an easy task as the software is not alone in that hostile environment. Just take a look at the presentation of Wietse Venema to build a "simple" file shredder… you'll see that's near impossible to write such software (and by so, you have to think about other paths).
We are all writing unsecure, unstable and crappy software. Some knows that but a majority will never notice.