The Mozilla man argued that open-source software can help alleviate this risk because customers have the opportunity to review its source code and spot any potential backdoors.
Equally important, Eich said, security researchers can compile open-source projects from source and compare the output to the executable binaries distributed by software vendors to make sure that the downloadable binaries don’t include any undisclosed extras.
That’s not possible for a product like Internet Explorer, Eich said, because Microsoft doesn’t share any of its proprietary code with customers.