I don't know if the world is coming to an end or what, but I'm going to have to say that Sun Microsystems' Jonathan Schwartz has come up with the best analogy I have seen yet to counter the FUD that open source is less secure. On his blog, he writes this, in an entry on "Scare Tactics in Open Source":
In my view, the economics of free and open source software are identical to the economics of free search, TV, radio, checking accounts or mobile phones - the money's not in the access to the product, it's in the services and value delivered around the product. The vendors of those products have a huge interest in eliminating the divide between them and their customers, one typically based on price - as a means of enabling higher value opportunities. It's a basic concept, and if you've read this blog for any length of time, you know my views on how networks and subscriptions (whether to handsets, software updates, roadside emergency services or sell-side analyst reports), over the longer term, can change price and value equations for businesses that know how to exploit them.
Now just this morning, like me, I'm sure you got an email entitled "Know the risk. Compare the protection." from Microsoft.
In it was embedded a link to an independent analyst's report, provided by the Yankee Group - which I've provided here.
I'd encourage you to read this for a view on how "open source" is misunderstood. Reading the report, you get a sense that open source is somehow irresponsible compared to Microsoft's products or approach. And moreover, that customers have to choose - open source, or safety.
Nothing could be farther from the truth - any more than "free checking" is more dangerous than paid checking, or free TV is more dangerous than cable.
The link is to Laura DiDio's November 2004 "independent" report on indemnification, which we covered at the time. I seriously question the word "independent" when used to describe Ms. DiDio, but I really like the free checking comparison.
Maybe now that I've quoted him favorably on Groklaw, Jonathan will finish his answers to our questions and send them along, eh?
Seriously, the problem Microsoft has with its FUD is this: it waited too long. Too many solid, upstanding, capitalist corporations now believe in and depend on open source. They are making money, and they aren't going to allow the anti-FOSS FUD to stand unchallenged.