Yay, more updates
apt, yum, pacman, emerge, dnf: One of these is sometimes slower than Windows Update.
Microsoft has released the October edition of its monthly security update, addressing a total of 49 CVE-listed bugs. DLL bug a blast from the past Among the 49 fixes were three issues that have already been publicly disclosed and a fourth that was being targeted in the wild. On top of that, a remote code execution bug in …
Users don't tend to click the update button in my experience on phones anyway, one iphone users raves about Apple but refuses to update based on a previous experience where their phone went slower after updating.
As a developer myself, it's nearly impossible to ship software that is bug free. The best that you can do is just check your input and make sure that it makes sense. I write operating systems, so there is a level of expertise that is required that most other developers do not have, and the security implications are more serious. For an app developer, a security hole can compromise a user. For a system software developer like myself, a security hole can compromise the whole system.
Ehm, NO. You also ensure abnormal conditions - wherever they happen, even outside your code - are caught and processed in ways that don't lead to unexpected execution paths. There's a big difference from a bug that leads to an error, and a bug that leads to a remote execution with high privileges silently.
Unluckily languages like C were designed with performance in mind only, security was a non-issue back then. While programmers need to have the proper skill and be able to write robust, secure code, they also need help from the tools they use.
Stubbornly thinking what was designed fifty years ago was perfect and doesn't need changes to cope with a far more complex and dangerous environment is like thinking the Earth is flat because a book tells so.
Dude, really. If you aren't even going to attempt excellence then go do something else.
There are lots & lots of things that can be done to avoid bugs. Usually, I would say that avoiding magical thinking is the first. In your case, clearly you need to start by giving up on defeatism.
Seriously, at my favorite job, we were bought out & shut down. My last project was a month long. I never got to see it go live. I met up with our sysadmin at our next job & asked him how it went. "Everything was fine."
At my least favorite job, I skunkworked over the course of four years a switch to a 20k assembly language test tool to make the pointer size selectable. When the time came to make use of it, I asked the implementer how much of that code he needed to fix. "None. Everything was fine."
Certainly, these are "small" projects. But the discipline of software excellence really can achieve code that you can leave alone.
Let's just fix the bugs and add more features ...no need to worry is there?
Face it - nobody buys an operating system or application because it's "secure" - they are sold on their features and the ability to operate in the cloud these days. I wonder how this will work out in the end?
For Digital Editions, the update will patch nine CVE-listed vulnerabilities that could allow remote code execution. The Adobe Experience Manager update addresses five cross-site scripting vulnerabilities, while an update for Framemaker includes fixes for a single privilege escalation flaw.
What is is with everyone insisting in some "experience". In my, ahem, experience any software with experience in their name has been total and utter crap. I don't want a bloody experience, I just want stuff that simply works.
The pictures they put on these articles mess with my head. I just had a vision of eight-year-olds with bugs. Yet, when people start having robot children... I am so seriously going to be creeped out by all the excessively life-like humanoid robots. Yet, it's pretty clear that they'll be here. Not to mention... No; I'm not going to be the one to mention it.
Biting the hand that feeds IT © 1998–2022