Whack-A-Mole Security: Incentivising the Production, Delivery and Installation of Security Updates (invited paper)

Alastair R. Beresford
2016 Engineering Secure Software and Systems  
Writing vulnerability-free code is currently impossible. The best we can hope for is whacka-mole security. In other words, fixing bugs and updating Internet-enabled devices before remote exploitation occurs. Unfortunately, security updates do not always happen in a timely fashion, or at all. The root cause of this problem is the lack of incentives, something which we must fix.
dblp:conf/essos/Beresford16 fatcat:dotxxlxf5bcfxb6mb66bvcjctm