Huh, looks like the large market share makes Ubuntu a big target. I guess I'll do my Bitcoin transactions in BSD from now on: same security as Linux, but less attractive to thieves since nearly nobody uses it...
Depends. OpenBSD's claim to fame is that it's default install is secure from remote attacks. However it's default install has just about nothing and while pkgs and the ports tree are audited to a point they share an awful lot of code with the parent project. I.e. There have been far more than two remote exploits in Apache on OpenBSD. I myself have had an OpenBSD box hacked.
OpenBSD has a richer privilege system than standard Linux but not better than GrSecurity which is a full-blown RBAC system.
As I've mentioned way too many times. I also think that OpenBSD could have done a better job on W^X which is their ASLR product. PaX is much more robust (but as a contrast it needs to be enabled).
I used hardened Gentoo - that's Gentoo with PaX/GrSecurity patches.