The more complex software gets, the harder it is to properly predict how it will react in all
possible scenarios, and it becomes much harder to secure.
Today's operating systems and applications are increasing in lines of code (LOC).
Windows Vista has 50 million lines of code, and Windows XP has approximately 40 million
LOC; Netscape, 17 million LOC; and Windows 2000, around 29 million LOC. Unix and
Linux operating systems have many fewer, usually around 2 million LOC. A common
estimate used in the industry is that 5–50 bugs exist per 1,000 lines of code. So a
middle-of-the-road estimate would be that Windows XP has approximately 1,200,000 bugs. (Not a
statement of fact. Just a guesstimation.)
It is difficult enough to try to logically understand and secure 17–40 million LOC,
but the complexity does not stop there. The programming industry has evolved from traditional
programming languages to object-oriented languages, which allow for a modular
approach to developing software. This approach has many benefits:
reusable components, faster time to market, decreased programming time, and easier
ways to troubleshoot and update individual modules within the software. But applications
and operating systems use each other's components, users download different
types of mobile code to extend functionality, DLLs (dynamic linked libraries) are
installed and shared, and instead of application-to-operating system communication,
today many applications communicate directly with each other.