@fsf They are also vulnerable when fully FOSS. And you know this. Why pretend it's an issue specific to proprietary software?