There's a big misunderstanding that open source, in and of itself, is more secure. Time and again this has been proven wrong (remember heartbleed?)<p>Where open source does benefit is a more timely and fair fix to a reported security bug. A company's closed source implementation may not be in as much of a hurry to fix security bugs if there isn't an immediate effect on the bottom line<p>Also, how's open source supposed to minimize fragmentation? Desktop Linux has a hundred flavors and even with a standardized ABI, there's no guarantees on a single binary working seamlessly across distros ( which is the reason for this like flatpack to exist)