[nocoment]

I've been in a role of evaluating security vulnerabilities on security products and features from many different origins..

All I am saying is that I am in a position to estimate ~9/10 of everything critically exceeds the competence of its authors to safely combine features and security. So a primary explanation for failure that only applies to 40%(60%?) of the market doesn't sound right to me.

So either we disagree considerably on proportion of software that is poorly implemented or you are saying the majority of commercial software is also written by hobbyists?