Ask HN: With all our software built on so many dependencies, is anything secure? - hoodoof
======
bbcbasic
No because there is a trade off between always getting the latest patch of
your dependencies (for bug fixes, to maximise security) and not getting the
latest patch (because of potential bugs or malice, to maximise security).

I am thinking of both compile time code dependencies and runtime dependencies
(e.g. Windows updates).

------
blacksqr
No.

------
runjake
Correction: with all your software.

