I observed that Joomla uses less secure var type for variables in classes

Why?

During my own components,plugins,modules must i follow this convention or make use of a safer private, public and guarded key phrases.

Joomla's roots have been in PHP 4, (so that as @Palantir notes, they can still support it!).

It's very hard to "add" PHP 5's new OOP features like private / public / protected to some complex system like this. You will find a lot of dependencies to understand, and an excessive amount of possibility of obscure bugs.

They'll most likely start showing up later on when PHP 4 support is dropped (should not be lengthy any longer), and areas of the machine undergo a simple rewrite.

That's to become suitable for PHP4, which doesn't allow access modifiers and depends on the var keyword. See needs here: http://www.joomla.org/technical-requirements.html, they support PHP4, though they don't recommend it.