Sure the software can, theoretically be audited. But 1) Requires someone actually auditing software. Which judging by the state of OpenSSL flaws, we're doing a shit-tier job at. and 2) Requires people patching the "internet of things" cringe - which we've also seen isn't happening. Furthermore, most of the devices are dependent on closed source drivers for wireless devices.
And you're still just hoping the compromise isn't at the hardware level, because then you're truly up a creek.
Hell, we don't have access to the baseband software in our cellphones or the SIM chip, which can happily take control of the application processor and do what it needs to do, yet we all clamor around the fact that Android is Open and thusly Auditable and that makes it automatically superior in every way.
With enough eyes all bugs are shallow. But nobody's actually looking at the software, so bugs live on, and the big boogie man NSA can still be anywhere and everywhere.
There are Eyes In Your Radio. They're not going anywhere.
And you're still just hoping the compromise isn't at the hardware level, because then you're truly up a creek.
Hell, we don't have access to the baseband software in our cellphones or the SIM chip, which can happily take control of the application processor and do what it needs to do, yet we all clamor around the fact that Android is Open and thusly Auditable and that makes it automatically superior in every way.
With enough eyes all bugs are shallow. But nobody's actually looking at the software, so bugs live on, and the big boogie man NSA can still be anywhere and everywhere.
There are Eyes In Your Radio. They're not going anywhere.