Re: "basically operated by one volunteer in charge of a small team of volunteers"
Think of it like a plane component.
You can either say "Trust Boeing, they know what they are doing, of course they won't show you the specifications and plans for their kit".
Or you can say "Hey, look, all the specifications, limits, designs, blueprints and diagrams for this component are available for aviation specialists and security experts to inspect."
Sure, the latter lets the terrorists find the weaknesses in our aircraft components. But it also lets people *other* than the original creators look and verify if even what Boeing says they are doing is true (how do you even know whether the updates they push out to their planes even changed a single byte of the program?).
The latter has risks but, in the long run, those risks can be enumerated, identified and eliminated. The former - you can't even tell if there's a risk, let alone how many there might be, if they are ever fixed, or not.
Of course, Boeing / Microsoft won't give out their blueprints willingly. And those blueprints being freely available doesn't mean we can all check them to see if the plane is safe. But would you rather fly in a plane where engineers, safety experts, the FAA / CAA, other manufacturers etc. can all verify every aspect of the design at any time, even if it's beyond you personally, or one where you have to just "trust Boeing"?
It's not "more secure". It's "more open about its security/insecurity". There's a difference. In the same way that the lockpicking lawyer can open even mainstream "secure" padlock that people send him in a matter of minutes, you can either buy a black box and trust your security to it... or you can get a design that an expert takes one look at, including every single detail, and goes "Woah... how the hell will I get into this one? It's been designed to counter everything I want to do." or, equally, "They didn't even stop you poking right past the pins and just triggering the release directly? Oh come on, people."