We had a conversation once about the number of vulnerabilities in Linux. It was a friendly discussion.
For those that missed it, I'll share the gist of it and share a few paragraphs that sum up some concepts from said discussion.
About a day after the conversation, I recalled that I could actually show some of what we were speaking of. Right here on this forum, there's automated posts that detail security issues. I just kept forgetting to share the link:
The way the forum is configured, these don't show up in our feeds - probably to avoid swamping us with security reports, but I'm just speculating with regards to the reasoning. (I'm actually planning on making a Linux news aggregator site at some point, 'cause I think that'd be fun to run.)
Anyhow, that's an incomplete list and is still a whole lot of bugs.
Anyhow, and this is a good thing, Linux (and the software around it) gets a zillion and thee updates a month. Software is inherently buggy, as it's written by imperfect humans. Then, that software interacts with other software.
There are millions of lines of code that make up your operating system. There's gonna be bugs. Some of those bugs will be security bugs. It's just the nature of the game. Until we get a perfect AI to write the code for us, we'll have bugs.
Heck, we might even have bugs in AI generated code!
Hmm... I wonder if it'll then take AI to find the bugs and then to apply fixes?!?
Depending on how much longer we live, it's gonna be an interesting world.
Man, can you imagine a bug-free operating system? You could write it directly to the chip and then burn a fuse behind you so that the chip can never be modified again. It wouldn't need to be modified, 'cause it had no bugs.
That'd kinda be boring...