Anti-FAQ: why not

The Anti-FAQ provides answers to some common misconceptions. It is an anti-FAQ in that it provides some answers for questions that should not need to be asked (with apologies to the gentle reader :-), but often are. This is intended to be a general resource for the community.

  1. -FAQ: Common off the shelf is good enough, just as long as they are updated.
  2. -FAQ: 20 x 1000 x 1000 Lines Of Code can be made error free.
  3. -FAQ: the Essential 8 is the answer, just give me the budget please?
  4. -FAQ: VPNs, Airgaps and Network Filtering are enough!
  5. -FAQ: Two Factor Authentication (2FA) will protect us!
  6. -FAQ: support of legacy systems is easy.
  7. -FAQ: Formal methods have no place in this, they are too hard or expensive!
  8. -FAQ: Microkernels are too slow for real time systems
  9. -FAQ: The hardware needs to validated, lest misery follow
  10. -FAQ: most of the errors can be fixed by retrying (e.g Minix 3 or Erlang)
  11. -FAQ: version control, who needs it

Software Error Rates

The typical quoted errors rates for well developed software are around 5-10 errors/1000 SLOC. A variety of higher numbers have been quoted in the literature but assuming 5/1000 SLOC and 10M SLOC we have 50K errors of which 1 in 10 may be exploitable.
"It has been estimated that the industry average rate of programming errors is “about 15 – 50 errors per 1000 lines of delivered code” 4. That estimate describes the work of professional software engineers-—not of the graduate students who write most scientific data analysis programs, usually without the benefit of training in software engineering and testing 5, 6. The recent increase in attention to such training is a welcome and essential development 7– 11. Nonetheless, even the most careful software engineering practices in industry rarely achieve an error rate better than 1 per 1000 lines. Since software programs commonly have many thousands of lines of code ( Table 1), it follows that many defects remain in delivered code–even after all testing and debugging is complete." -- Soergel

Security and Attacks

Ok, I've got 2FA, VPN, airgaps and filtering, surely I'm safe.
  1. 2FA, VPN - load the dropper on the tablet via a known exploit, wait for the 2FA.
  2. Airgaps - see Stuxnet

  1. Soergel DA. "Rampant software errors may undermine scientific results", F1000Res. 2014;3:303. Published 2014 Dec 11. doi:10.12688/f1000research.5930.2
  2. Maker, PJ, "GNU Nana", Nana
  3. Stuxnet
  4. Aurora Generator Test