Apparently that's not safe either. "Even open source encryption algorithms that some claim are above reproach are repeatedly being shown to have major flaws, and the fixes to those flaws have their own major flaws."
The author claims that, but I don't know of evidence of it being at all widespread. Dual_EC_DRBG is the one instance I know of, and I thought barely anyone used it.
