Spyware and malware survive and thrive on secrecy. The best way to maintain secrecy in a software program is to deny users access to the program’s source code (i.e. by making the whole or part of the program proprietary). With Free software, users are free to audit and modify the corresponding source code of a program. This means malicious code (like backdoors) are easily thwarted.
In theory, malicious code can exist in popular Free software programs but it’s not practical. Adding malicious code to a Free software program and attempting to distribute that code through a mainstream channel is like knocking on every door in an apartment complex to inform the inhabitants of
A) you spying on/attacking them and
B) the method(s) you are using to do so
Of course, many users don’t look at or change source code (just as many people are not in their apartment when there’s a knock at the door). But all it takes is one honest programmer (or one person at home in the entire apartment complex) to become aware of what’s happening. In effect, someone will blow the whistle on any attempt to harm the users. This benefit is had by both programmers and average computer users alike.
The freedom that Free software offers is the best defense against malware and spyware.