Re: if an open source project had MAJOR flaw rates like this
Okay, I'll bite. How many open source projects do you go through each week, looking at and correcting security bugs?
I don't, I'm not a security researcher as that's above my pay grade but if I were or I was employed by a company that uses OSS and the producer went out of existence then I'm merely pointing out I would have that ability to fix problems far easier than it would be to reverse engineer obfuscated binary code.