I think the truest security benefit of open source is getting a verifiable hash check of the program or compiling it yourself from hash check source.

If the installation is obfuscated by a mechanism like an app store (itunes etc.) then that point of verification is ruined. My axiom is trust but verify.

So I don't really care what license (GNU, Copyleft, copyfree...)