Richard Feynman describes this 'form' as the cargo cult, put into a software engineering context here. In the security context the cult of good security exhibits:
- Full Disclosure
- Open Source Audit
- Built in Cryptography
- Active Patching
The OpenBSD model of "proactive" auditing of software and "security by default" distributions, leads to good security. The fact that they have all the exhibited form is incidental. The OpenBSD patch mechanism is very basic, because there are not that many security holes to patch, most potential exploits were designed out from an early stage.
I suppose when you have a 'runaway train' of security issues then you would need a 256Mb brake. I hope it works.