Story

1. Monocultures are bad, whether it's proprietary software with IE 6, or open source with OpenSSL. When one software product has 90 percent market share year after year, be afraid.

2. "With a million eyes, all bugs are shallow" turns out to be BS when it comes to complex code, which certainly includes infrastructure that implements cryptographic and security protocols.
Bugs in the TFA and TFS at Slashdot/Soylentnews/Pipedot, OK, the crowd can be counted on to point out those.

3. Open source might be even *more* vulnerable than proprietary software to security vulnerabilities, because the source code is so easily obtainable in readable form, no reverse engineering necessary. Just as door locks keep the casual thieves away, "security by obscurity" raises the acquisition costs for potential attackers. This just means that the open source community has to be more vigilant than their closed source counterparts, not less.