
Ya, I wouldn't trust anything that promises security I can't compile myself. It's not perfect but at least there are more eyeballs.



Random sidenote on this: if everyone has this mentality, doesn't that mean no one will look at the source?

Not sure how to address this, just a random thought.


More eyeballs have a good track record -- for instance, since bash is Free Software, many people have looked at it, which is why there have been no recent critical flaws in bash discovered by automated fuzzers.


I tend to look when I run into an issue. So it's not "I never look" it is more "I only look when I feel I have to."

If you get enough people doing that...well, imo, you'd probably have most "issues" surface as quickly as it would in commercial software ... and you'd have the added advantage of not everyone having a vested interest in obscuring any potential 'issues' that might negatively affect the company. [e.g. A privacy centric company that records addresses? Ouch]

The other issue is if you don't own the network, you can't trust the network.



