All the other answers are great; I will add a little bit of historical context on why open source is actually safe.
Back in the early days of household computers and the internet, every company built its own secure implementation of ciphers. But as you may know, when you write something, you can make mistakes in it, but you personally will not see them (as you are the author), or you will not see them because you do not properly understand the reason behind the solution. And as such, many in-house implementations of ciphers were done incorrectly – be it laziness, time crunch or not enough information. In the end, ciphers are math and programming is IT (while it is related, it is not the same field :)). Therefore a code leak of such bad implementations would be dangerous.
After a few problems, people started to realize that instead of in-house closed solutions it is better to build security on known and reviewed mechanisms. These are safe because more people can check them. So, this is why nowadays you know how the cipher mechanisms work and you can use pre-implemented modules, because the security is NOT in the fact that nobody knows how it works (and as such a code leak would be dangerous), but in the fact that it is safe because math (science) says so.
Open source is just going into this fully; most companies do not do that, as they have some fancy solutions they do not want to share because it may give them a competitive advantage. E.g., YouTube can have a great implementation of video storage, but they do not want others to use it as well. So a code leak would share that, but it wouldn't be a security risk. (Hopefully; I don't work at YouTube, so I dunno.)