All code is fundamentally not ever secure.

This statement is one of those useless exercises in pedantry like when people say "well technically coffee is a drug too, so..."

Code with publicly-known weaknesses poses exponentially more danger than code with unknown weaknesses.

It's like telling sysadmins to not waste time installing security patches because there are likely still vulnerabilities in the application. Great way to get n-day'd into a ransomware payment.

	▲	nightpool 5 hours ago \| parent [-]
		Have you spent time reviewing the security patches for any nontrivial application recently? 90% of them are worthless, the 10% that are actually useful are pretty easy to spot. It's not as big of a deal as people would like to have you think.

▲

da_chicken 6 hours ago | parent | prev [-]

That's why I run Windows 7. It's going to be insecure anyways so what's the big deal?