I have been pondering this question during the evening and I can't find a reason why this shouldn't be the case, therefore I'd love to know your thoughts on the matter.

Maybe they just don't want to reveal how they have coded different stuff to their competitors (Valve, EA, Epic etc.), and want to keep total control of the development of the client?

Do you wonder the same about the other game stores' clients like EA Origin, Steam, UPlay client, Epic launcher, Blizzard's Battle.net launcher etc.? Or are any of them open source?

https://medium.com/@lkanies/should-you-open-source-your-product-thats-the-wrong-question-a8cac737c0ca

https://www.howtogeek.com/287113/the-downsides-of-open-source-software/

Well my question to you is why you think it should be...dont get me wrong I love the principles of open source but I am also a realist.

I would think having public access to the source code of a Galaxy would be a very bad idea. It would be completely open to abuse and would likely have a huge impact to the security of gog.

No other store front (Steam, Origin, Uplay, Epic etc.) is open source and I think for very good reason.

Security by obscurity is no security at all. That's never a reason for not having open source. Open source is more secure, actually (e.g. Linux); not sure if you understand how it works. However I can see why they'd rather not, since it takes more manpower to run it properly, and they probably don't have the resources.

Why isn't Windows, OSX, or other proprietary software open?

Maybe they got secrets...

Maybe they have back doors....

I am not suggesting that obscurity should be the sole principle behind the securty of a platform particularly when obscurity is often used to try and mask existing flaws such as the lack of encryption etc. As much as I do like the principles of open source I certianly would not agree that it makes anything instantly more secure. If I had a laptop running Debian that used no encryption then it would obviously be less secure than a laptop running Windows 10 making use of Bitlocker. The same would apply to a Linux based webserver running apache using HTTP vs a Windows IIS Server running a site making use of HTTPS with SSL certifcation.

because they want you to avoid it... its a hidden message in itself. Or they are low on resource, so they use SecBO as another cryptolayer. There is no other point.

we all have backdoors

Just like everybody has an opinion. =P

Yes!

Newbie question: what would one do with an open source Galaxy? Just curious...

That's not a valid comparison. Nobody ever claimed that running open source magically makes doing stupid things secure just because. The correct comparison would be Linux vs Windows running the same services; Linux is more secure.

I don't think you actually understand what's involved, otherwise you would not have said "It would be completely open to abuse and would likely have a huge impact to the security of gog." That's...not what happens, at all. I guess you seem to be under the impression that every script kiddie and their dog would suddenly do whatever they want, and everything would just get merged back in with zero oversight from GOG and nobody would ever read the code? That's kind of the opposite of open source.

Because they don't want to give away all their hard programming work to random people?

I think that one makes sense and also i dont see why it needs to be since the launcher is meant to work in a certain way that meets what gog wants rather than be modified etc.
Unless gog benefits directly from this.
Otherwise you could have any other random open source game launcher.

Well taking everything you have said into account I decided to do some homework as I have almost exclusively dealt with Windows Server based infrastructure in my career. I have to hold my hands up and say my stance on open source and how it works was wrong so I do sincerely apologise - it has been a really interesting read and now that I have a better understanding of it I can now understand the points you have been making.

I think I will be taking open source/linux a lot more seriously as I can now see some really good benefits that I will be testing in a VM enviornment I have at home. If it testing turns out well then my live enviornments will definitely benefit as a result.

Thank you for the insight - its much appreciated!