Hacker News new | comments | ask | show | jobs | submit login

> It's also OSS and it is much easier to surface security bugs for Linux than for Windows.

Shouldn't then the number of bugs decrease much faster, since they are easier to find? Unless they are introduced at even a greater rate than the ones in Windows.

No, because linux OS's includes a lot of software in their repositories and new packages are added all the time. Look closer at the list. "40 Debian CVEs in 2019" breaks down to this:

* Google Chrome: 36

* Artifex Ghostscript: 1

* ZeroMQ: 1

* macOS CUPS: 2

* Debian: 0

You are right. One current estimate is that Linux is introducing security bugs at a rate faster than they are fixed.

New and better tools are finding bugs in old code, so it isn't really that more and more bugs get into new code:

"But, your editor wondered, could we be doing more than we are? The response your editor got was, in essence, that the bulk of the holes being disclosed were ancient vulnerabilities which were being discovered by new static analysis tools. In other words, we are fixing security problems faster than we are creating them. "


Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact