You would think so but what seems to happen with open source is: for every person with evil intent that sees the flaw and exploit it there is more persons with good intent that sees it and report/fix it.
During that time, closed source have the opposite balance, less people can fix flaws, but the same amount of evil people than open source finds them and exploit them.
So theoretically, you should hear more about Android holes than iPhones since people easily see the vulnerability and try it.
Not really, all of that happens on GitHub.
You would think so but what seems to happen with open source is: for every person with evil intent that sees the flaw and exploit it there is more persons with good intent that sees it and report/fix it.
During that time, closed source have the opposite balance, less people can fix flaws, but the same amount of evil people than open source finds them and exploit them.
Let's be real:
Nobody of us looks at the Source-Code unless we're paid to do so. Especially for a huge project like AOSP.