Is there any type of third-party certification for closed source software, similar to how we have ISO9001 for quality management? I’d prefer companies provide their software as open source, however I can imagine cases where the software genuinely doesn’t do anything malicious but might still contain trade secrets that the author would want to protect. In these cases, it would be nice to have some kind of certification body that could review the source and assert that it doesn’t contain spyware, etc., while still protecting the intellectual property.
That certificate would not proof anything. Things can be overlooked or hidden enough. More eyes = more better. OS is no guarantee either.
Also, it would be way too expensive, money and time wise. Every new Version would need to be certified.