It has more to do with the target's market share than the sourcing model. Hacking Mac OS when it was 9% of the market share wouldn't make news. Hackers went after Windows because that made news. Interestingly, now that Mac OSX is getting to the 30% share, it is coming under attack. In the mobile space, Android is the market leader. So it gets the attention target on its back.
The difference is that Android's internals are open for analysis. Yes, there is a large, faster moving community that is evolving the code base quicker than a big company minded Microsoft. But there is also opportunity for someone to find and exploit the hole rather than fix it. This was exactly what happened with the Android game malware that sent your contacts and personal information to a server in China a year or so ago. And that fast moving dynamic is changing as well under Google, who is becoming the big company minded beast. They will become "the man" to the economic politics driven hacker. And to the attention seeking hacker.
My comment on merging sources was that unless you personally review source changes to both the OS and the apps you use (compiling them all locally), you are placing some implicit trust in the open source community. Nothing more.
It is a matter of where you personally want to place trust and accept risk. Just don't be lulled into believing the open source community is fully trustworthy - remember, many of the Windows hackers are part of the open source community.
Actually, the issues with mobile devices have more to do with the security model they implement. From what I've seen, with most of these devices, users are pretty much running as ROOT, which is a big no-no.
Your ideas about market share being such a large factor have been debunked so many times, I think a few FR posters have macros for it.
Google has done a poor job with Android....RE : Security.
Maybe Microsoft with their phone and tablet systems will do something good regarding security....we will see.
While technically true, reality must somehow be taken into account: There is a reason why all the big iron runs on 'nix. And if there is anything that hackers would love to hack, it is that big iron. There's your 'credz'. Not being some script kiddie whackin' at Android. And by-and-large, that simply doesn't happen.
I am not conversant with Android, as I am still fighting vainly against moving into the handheld world. But I can guarantee that it is not the underlying 'nix that is at fault. In order to control a 'nix box, one must gain root - and left to its native design, that is next to impossible from afar (it really IS impossible, but like a scientist, one has to leave room for an impossibility to be possible).
If root is gained on Android, I can nearly guarantee it is something Google has done in its interface, or in its config.
That it persists would suggest to me that whatever is wrong is not in an OSS part of the OS, or it would have been found out almost immediately and corrected - as the OSS community's record on such things plainly evidences... IOW, the culprit is probably a closed-source addition.
But then again, that is just my opinion on the general matter - I don't know Android at all. Even so, any OS has a loooong way to go to catch up to what, 3/4 of a million virii that have exploited MS...
That isn't because MS is popular - It is because it is inherently exploitable and promiscuous by nature... Else that big iron, which has always been Linux or some brand of Unix, and precedes Windows by a decade would have comparable numbers. How many nix virii have ever been? But a handful, by any comparison. A negligible amount.
But that being said, I am not defending 'nix - I am speaking to the greater OSS community... including application level software too. Even on my Windows boxes, I tend toward OSS software. Especially on Win boxen because they tend to be portable and avoid the registry. They also tend to be quicker at their function, less intrusive, more intuitive, and more precise in function... not to mention weight.
The upshot tends to be that a programmer doing OSS is not doing it for $$, but for love of programming and a peculiar dedication to whatever function the software performs. It is an art to him. A labor of love. And that, FRiend, is hard to find in the chunked and formed production of for-money software by its very nature.
That doesn't preclude a certain amount of eccentricity however (GIMP springs immediately to mind). But even that eccentricity becomes a beautiful thing, once one learns to expect it at times. GIMP, a tool like Photoshop, is one of my very favorite apps, but it took me years of intimate use to understand it well, and I still freely admit I don't understand it fully. By now though, its eclectic nature is almost as endearing as its function... And I would hate it if it changed.