Is your open source security software less secure?