This question is “as old as the world”, as we say in my country. How can we trust a secrecy protocol or implementation that the worldwide community can’t study, test and modify? Who can assure us that the rules of the game are clear and fully respected?
When we use a closed encryption protocol or implementation for our communications, we can only trust the service. It’s like telling a secret to our best friend: we choose someone we trust and we tell him our secret but, in fact, who knows whether he will respect our privacy? Maybe our best friend will approach his cousin and say: “Hey, can you keep a secret?” and obviously the answer is “Yes!”.
It’s a fact, as Bruce Schneier also often says: security is about trust. We have to trust our hardware, software and cloud service vendors, we have to trust their security and privacy policies and, if we don’t trust them, the only alternative is to quit a service or give up using some hardware or software: quite drastic!
In this scenario, free software is a winning mentality that could help us build trusted environments, starting from fine-grained control of the system by a worldwide team of professionals, and amateurs too.
With Free Software, anyone with programming skills can read the source code, search for vulnerabilities, correct them and release the improved program, with the requirement to release the new source code too, so other developers can cross-check every patch.