Hacking Ubuntu: Serious Hacks Mods and Customizations (ExtremeTech)
Conclusion
Many of the vulnerabilities discovered in closed source products are those that were weeded out of open source software years ago. Because of some of the challenges inherent to binary auditing, most of this software is under-audited or only fuzz-tested, and many vulnerabilities still lurk unnoticed. While there is a bit of overhead work involved in binary auditing, it is not much more difficult than source-code auditing and simply requires a little more time. As time passes, many of the more obvious vulnerabilities will be fuzz-tested out of commercial software, and to find more subtle bugs, an auditor will have to do more in-depth binary analysis. Binary auditing may eventually become as commonplace as source code review; it is definitely a field in which much work still needs to be done.