Bob Beck has a pretty healthy track record of throwing verbal grenades with regards (but not limited) to open source licenses, security, and other people's code.
That said, looking at published vulnerabilities (CVEdetails.com), OpenSSH and OpenBSD have a tremendous record for fixing (or simply not having) serious security bugs. The total number of vulnerabilities in OpenSSH (application) since 1999 is 61 (11 being DOS) and NONE have known exploits. OpenBSD (an entire OS) has 136 (57 being DOS) since 1999 with 4 known exploits.
By Comparison, OpenSSL (a protocol library) has 87 (46 are DOS) with 5 known exploits.
None of these are egregious compared to other UNIX OS platforms like AIX (316), Solaris (533), and HPUX (278).
I don't think the OpenSSL folks are bad, but they let the product stagnate a bit. Getting some new perspective on it is a good thing.