Cryptocat apologized last week for a bug that made it too easy for an attacker to decrypt and read conversations. The vulnerability is serious because the software is used by activists trying to avoid government eavesdropping. Security experts disagree over whether open-source software is more secure than proprietary products. Commercial developers paid to build software have more at stake in getting it right, experts say. The more popular software is among consumers and businesses, the more likely criminals will look for flaws and develop malware to exploit them.”]