Let me say that I love free software and I develop free software too, but this shows us that parts of it, even hyper-critical parts, are sometimes written by people doing it as a "hobby" in their spare time, and lack proper review. And yet free software is better than closed software, especially the security-related kind.
So what's the solution? Maybe creating groups of community software reviewers, or using double-factor authentication in everything, like key+password, etc...
An example: you often see in movies that some criminal builds a pipe bomb with instructions found on the web. I've always been curious to know if that's really possible, but I never searched for that on the web. Notice, I didn't want to build one, just to know if the average crazy man could really do that and be a danger to others.
Another example: when studying Nazism in history, or watching TV documentaries about that, I've always been curious about the book that Hitler wrote, just to know more about the state of mind that made such an abomination possible. Again, I never dared to search for something about it, not even on Wikipedia.
Now my country hasn't got something like the NSA, but I think it's only a matter of time, but I challenge any USA citizen to search for such things on the web just for their personal knowledge, without being afraid.
[Reposted because I mistakenly posted anonymously]
I think that at those ultimate levels, this distinction is quite fuzzy for all the reality in general.
"If I do not want others to quote me, I do not speak." -- Phil Wayne