This is the classic "security through obscurity" argument. Yes it makes it harder to find vulns and develop exploits when the source isn't available, but once there are enough users to make it worth it, people are gonna fuzz the shit out of it regardless whether it's open or not.
At least with open source, you have white hats (and gray hats to some extent) using the available source to get hints. These end up getting reported a lot more than for closed OSes. There may seem like more CVEs for Linux than Macos for example, but that isn't proportional to the number of vulns, researchers, or exploits out there.
That said though, even if open were less secure (which I don't think it is), it is still a better and more ethical model for software and would be worth the security risk. Luckily for the world, open is more secure (or at least equally secure).
At least with open source, you have white hats (and gray hats to some extent) using the available source to get hints. These end up getting reported a lot more than for closed OSes. There may seem like more CVEs for Linux than Macos for example, but that isn't proportional to the number of vulns, researchers, or exploits out there.
That said though, even if open were less secure (which I don't think it is), it is still a better and more ethical model for software and would be worth the security risk. Luckily for the world, open is more secure (or at least equally secure).