Comment by MORPHOICES
2 days ago
Deep bugs, particularly in kernels, can go unnoticed for years, according to analyses I keep seeing. Decades at times.
That seems frightening at first. However, the more I consider it, the more it seems... predictable.
The mental model that I find useful:
Users discover surface bugs.
Deep bugs only appear in infrequent combinations.
For some bugs to show up, new context is required.
I've observed a few patterns:
Undefined behavior-related bugs are permanently hidden.
Logic errors are less important than uncommon hardware or timing conditions.
Long before they can be exploited, security flaws frequently exist.
I'm curious what other people think of this:
Do persistent bugs indicate stability or failure?
What typically leads to their discovery?
To what extent do you trust "well-tested" code?
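One concrete way a bug of the "undefined behavior" kind stays latent until the context changes is a bounds check that only works because the author assumed signed overflow wraps. The following is an added example written for this page, not code from the thread or any project; both functions and their names are hypothetical. The buggy version passes every test at -O0 and on older compilers; a newer compiler is allowed to delete the overflow comparison at -O2, at which point the same source accepts an out-of-range length. The hardened version never computes the sum, so its result does not depend on the compiler.

```c
#include <limits.h>
#include <stdio.h>

/* Buggy bounds check (hypothetical, for illustration). It relies on
 * `off + len` wrapping on overflow, but signed overflow is undefined in C.
 * An optimising compiler may assume the sum cannot overflow and remove the
 * `off + len < off` test entirely, so the check appears correct for years
 * and only fails once a new compiler or flag changes the generated code. */
int in_bounds_ub(int off, int len, int limit) {
    if (off < 0 || len < 0)
        return 0;
    if (off + len < off)          /* UB when the addition overflows */
        return 0;
    return off + len <= limit;    /* may evaluate a wrapped sum */
}

/* Hardened check: compare `len` against the room that remains instead of
 * forming the sum. `limit - off` cannot overflow because both operands are
 * non-negative and `off <= limit` has already been established. */
int in_bounds_safe(int off, int len, int limit) {
    if (off < 0 || len < 0 || limit < 0)
        return 0;
    if (off > limit)
        return 0;
    return len <= limit - off;
}

/* Stand-alone probe: the input INT_MAX + 1 is the case that distinguishes
 * the two. The hardened result is always 0; the UB result depends on how
 * the compiler treated the undefined addition. */
int main(void) {
    int off = INT_MAX, len = 1, limit = INT_MAX;
    printf("in_bounds_ub(INT_MAX, 1, INT_MAX)   = %d (compiler-dependent)\n",
           in_bounds_ub(off, len, limit));
    printf("in_bounds_safe(INT_MAX, 1, INT_MAX) = %d\n",
           in_bounds_safe(off, len, limit));
    return 0;
}
```

Build it twice, with `-O0` and with `-O2`, and compare the first line of output; `-fsanitize=undefined` or `-ftrapv` will also flag the addition in the buggy version at runtime, which is how such latent bugs are typically found and fixed once someone runs the old code under new tooling.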
> Undefined behavior-related bugs are permanently hidden.
No, they are often found and fixed.
> To what extent do you trust "well-tested" code?
I don't, which is why I use Qubes OS, providing security through compartmentalization.
Then the question becomes: to what extent do you trust Xen and Qubes RPC?
I do have to somewhat trust Xen, but Qubes' isolation relies on hardware virtualization (VT-d), which statistically has far fewer security issues than Xen itself. Most Xen advisories do not affect Qubes: https://www.qubes-os.org/security/xsa/