Hacker News
by notastartup 4229 days ago
So how are people coming up with zero-day vulnerabilities all the time? How are these people able to find a way to inject code in PDF or Word documentation year after year? Is software forever vulnerable, even ones written by a huge number of engineers?
2 comments

I imagine having a huge number of engineers actually increases the chances that software is vulnerable. This is because bugs often arise when different people are making different assumptions about what some code does or doesn't do.

It always makes me uneasy when I have to go and make modifications to other people's code, especially in the workplace where you usually don't have the luxury of time to fully understand the code base.

What does this have to do with the article?

Btw, if you want secure software, you better prove it correct. See e.g. http://sel4.systems/FAQ/#verif