Not to bring the argument this way. But Linux is not exactly "one of the most used operating systems". And from a network security standpoint, open source it is not easy to harden.

In order for something to be hardened effectively, it needs a strong, legitimate community. Grabbing the latest distro of Ubuntu will result in a well built, well secured operating system. Grabbing the latest distro of "Johnny Boys Beast Great Free Awesome Linux Operating System!" will result in a bad time, and likely a significant security vulnerability.

I'm not saying that the community cannot create the Ubuntu equivalent of a Minecraft server, it is very possible. Mojang would likely benefit from this, and I'm sure they could incorporate some serious hardening to the server architecture. However, they are dealing with a paid service, and allowing the community to run rampant with the code will open up all sorts of possible server distros, putting legitimate paid accounts at risk. Logging into a public server could be a minefield, and several thousand accounts could be compromised by illegitimate distributions of the server.

Mojang went with protection by way of obfuscation and (essentially) least privilege. What you can't easily see, cannot be easily exploited. And denying the privilege to easily peer into the code protects it from the majority of trouble makers.

It is not ideal, but it does honestly work. I know that from our perspective, we see a train wreck. But the fact is, the vanilla server is still relevant and has not had any major, community crippling, exploitations exposed.

The model works, they just need a larger team of more knowledgeable networking professionals on staff. But that seems to divert from their model of small company, simple game.