About the source code part:
There is a debate about it. Some people like the idea of so called "security through obscurity". The core of that idea is that the bad guy doesn't know how system he is attacking works. So in case of browsers that means that he wouldn't have access to source code. In a perfect system, security through obscurity would make a system safer. Unfortunately browsers aren't perfect enough for that. Usually there are bugs which go unnoticed by development team and which may be exploited.
That's why open source browsers like Firefox for example use another security doctrine. Their developers believe that source code should be public. This will allow attackers to know how browser works, but on the other side it will allow security researchers to find bugs and report them so that developers may fix them. The idea is to make a browser so safe that it has no vulnerable places which crackers can exploit. If there are no vulnerabilities, the fact that crackers know how browser works does not help them.
1it is possible to crack Windows password by Brute Force attack. – subanki – 2010-08-29T10:39:36.467
@subanki, yes that is a well known vulnerability. – driis – 2010-08-29T11:37:16.297
1
@subanki cough
– TheLQ – 2010-08-29T15:05:48.287