Originally Posted by
belfrybat
I'm fairly certain html5 will be full of holes too. Java, FF and now Flash. Why can't the authors go over their own source code looking for security bugs? Should be easier than decompiling or whatever, looking at the machine code.
Because it's cheaper to let the consumer be the beta tester, and the industry has managed to con a large number of people into being frantic to be the first user of any kit / software that comes out to play that role. Win/win for the industry, tough **** if you have your data trashed or identity hacked by insecure and buggy code.