K8y
As de0u said, companies rush products and security is not the top priority. As well as: New hardware is made: new processor, new Titan chip, screen, modem, etc.
They write new code for the new modem and it is difficult to make perfect code.
Also, the code has 100 million words from 2, 7, 15 years ago--it's a lot to go through.
It isn't as simple as securing a backyard shack, it is more like making sure there is no way to get a bad guy into the country of Italy. Some people have to go in and out of Italy. We need our emails and Netflix, so we have to allow people and info in and out of the country but stop every bad guy. Not a simple task with how easily computers can be fooled and they're so literal while lacking the ability to adapt or think for themselves like a human could. The code is the code, it can't update or change its behavior by itself.
Exploits are very creative and pedantic. Imagine babysitting a smart ass toddler.
A simple command: "Sit at the table and I want that dinner plate empty, then you can leave."
Instead of this, you have to write out a 50 page thesis on what is allowed and not allowed. This is why "simple features" take so long to make. There are a million things that could go wrong.
the smart ass kid could:
- Stand on the table, now he can leave because "Sit and plate empty" is now false.
- Dump the plate into the garbage. It's empty.
- They fill the plate with more food that what the plate can physically handle. Now they enact their own bad instructions.
- It turns out you didn't specify the date and time to do this so now they are free.