So with shared source codes with selected 3rd party you'll enable them to explore new backdoors and make custom compiled version with added backdoors. Also since the parts in question is closed source the public won't be able so spot differences in custom vs. vanilla Sailfish parts or search for backdoors themselves. How can this be labelled as secure?