Evidently a researcher found a vulnerability in Android. He was able to find it because the source code that powers Android is open source. Great news, within days of launch a simple patch buffer overrun exploit was found, reported and is currently being patched. Some are suggesting it is a black mark against Android, but I suggest it is exactly why open source software is so important. I am willing to bet there are at least as many ‘security holes’ on the iPhone, but since the source is closed it takes researchers a lot longer to find them (if they ever find them). Of course it is harder for hackers too, but at the end of the day the real security threats are not the ones you know about or can find easily – the really bad ones are the ones you may never find. Closed source software makes it almost impossible for anyone but the bad guys to find all of the wholes.