Software flaws are found in every piece of electronics. That means you have flaws in a lot of things. Most people don't have a lot to do about it.

It wasn't surprising to hear that new vulnerabilities were found in the Linux kernel, which powers yourANDROID and CHROME OS devices This is a good thing because we see it all the time.

There are bugs in open-source software. All the code is open for anyone to see, use, and try to break in, because the Linux kernel is under a very strict and inescapable open license which means all the code is right there for anyone to see, use, and try to break in.

I don't want it to be any different.

RECOMMENDED VIDEOS FOR YOU...

Shortcut for Password Manager

(Image credit: Android Central)

There are a lot of glaring exploits in all software. The core of those systems are not open source. Open-source definitely does not mean better by any measure. It doesn't mean anyone outside of those with access to the code doesn't know they're there.

I'm not sure about you, but this sounds troubling to me. It's bad to know that there are bugs in your electronics. It's not knowing that they're being fixed. It's terrible if you don't know anything at all.

This can be demonstrated with a 100% hypothetical exercise. A fellow smoking too much grass was able to steal the password to your email. It's easy to download files from the internet, and anyone can do it, even if they don't have internet access.

Most people who find exploitable bugs do the responsible thing, thankfully.

He isn't an inherently evil person even though he smokes too much grass. He informs the people in charge of fixing the situation, and after trying to get some bug bounty money, he plays on his PS4. He doesn't want to steal us all.

Companies patch their software on their own schedule. Lambs are laying with lions and bunnies.

But what if his roommate tried to steal from us by hijacking our accounts? It would be easy with our email. If the software in question is open-sourced, there are two things that can happen.

  • The bugs are filed in the open, and everyone knows about them. This causes internet blogs to write words about it, then you know about it, too. 
  • People who can fix it but don't work for one of the affected companies know about it, too. They can help find the fix and get it into our hands faster. Yes, this is a real thing, and some of the best software hackers (the good kind, not the Hollywood kind) aren't software engineers at a big tech company.

Motorola Edge (2022) software update screen

(Image credit: Nicholas Sutrich / Android Central)

If the software is not open-sourced, the bugs are kept a secret until a fix is available. People who frequent internet spaces where exploits for bugs are bought and sold are aware of them. I know which one I prefer.

Even if you have a fix for the vulnerabilities, you're not going to recompile the kernels for your phone to fix them. It's important to buy your next expensive phone with monthly security patches in mind. It's nice to know what the company is going to do to fix it.

Chances are you will never be in a situation where security issues matter to you, because there are people who care about them. There has never been a mass security breech because people wait months and months between updates for their phones. It's still yet.

It's important to know how messed up things can get if the wrong people exploit a bug in the right software.