A high-and-mighty crypto-geek criticizes linux-based security software packages, including at least one VPN client, as sayeth by the mighty Slashdot. But check out this interesting quote from zee geek:

What's even worse is that some of the flaws were pointed out nearly two years ago, but despite the hype about open-source products being quicker with security fixes, some of the protocols still haven't been fixed. At least Microsoft eventually tries to fix their stuff, given sufficient public embarrassment and the odd hundred thousand or so computers being taken out by attackers.

As Linux development picks up more, holes like these will be eventually sealed. But two years is a long time for a fix.

Edit: I really like this guy's commentary:

Whenever someone thinks that they can replace SSL/SSH with something much better that they designed this morning over coffee, their computer speakers should generate some sort of penis-shaped sound wave and plunge it repeatedly into their skulls until they achieve enlightenment.