For those who may still doubt, this might be interesting:
Homeland Security report tracks down rogue open source code | The Register
I've tried to find a link to the report itself, but not come up with anything (which I find strange given that it is commissioned by a public agency).
C|Net has something on this too. They include a list of all the software analyzed: Homeland Security helps secure open-source code | CNET News.com
What might this mean for open source methods in education?