The people that know the difference between AT&T and BSD flavors, especially after the 4.4 Tahoe lawsuit know that you don't just add stuff for politics's sake. For example, Sendmail took a ton of revisions before it was secure.
Sendmail took a ton of revisions before it was secure because it wasn't written with security in mind. Qmail, Postfix and Exim haven't had any near the number of problems sendmail had.
And we are all going to relearn this lesson with systemd, with one large code blob running as root (breaking the philosophy from decades of UNIX state that you run stuff as root as little as possible), so this means one large remote root exploit waiting to happen... and all it takes is a weakness on the ports systemd listens to.
This is just FUD.
1 Systemd is modular with components running with each componant running with the least amount of privilate to do it's job.
2. The network components not a part of the core project and are very optional.
3. I have yet to see any distro enable the network components at all, let alone by default.
So, production systems now have this major chunk of nascent code that is going to be a bonanza for the blackhats. All we have is to cross fingers and hope that the systemd coders at least paid lip service to security... but if something as mature as OpenSSL can fall, it only is a matter of time before systemd gets hit and hit hard, since AFAIK, there are no experts familiar with secure/defensive programming coding systemd.
As far as you know? I have already seen audits of the code for both correctness and security.
Oh well. Oracle Solaris can be easily moved to, and it isn't open source... but it has stood the test of time when it comes to security.
The same Solaris who dumped sysv bootup scripts a few years back in favor of their shiny new system that's very similar to systemd? Good plan!