

Is totally secure software possible? - ccraigIW
http://weblog.infoworld.com/securityadviser/archives/2009/02/perfectly_secur.html

======
cperciva
No, totally secure software is not possible (aside from trivial applications).
However, it is possible to write software which, given our current knowledge
and technology, would take all of the computing capacity of the world longer
than the predicted lifetime of the earth to successfully attack.

 _DJB is a deadline-be-damned-I'm-all-about-the-security type of guy. He'd be
great for security, but terrible for the overall product. It would take DJB's
team (assuming he would even relax control long enough to have a team) more
time to make the product than customers would be willing to wait, or it would
be more expensive to build than customers could afford. Another vendor's
product would steal all the market share, and no one would be left to use his
now ultra-secure product._

I'm a deadline-be-damned-I'm-all-about-the-security type of guy too, but oddly
enough I still have people paying to use tarsnap. (Maybe this is because I
wrote tarsnap myself rather than assembling a team?)

While I hate to disagree with such a credentialed author (I mean, gosh, he's a
CPA, CISSP, CEH, CHFI, TICSA, and MCSE:Security -- he must know what he's
talking about, right?) I think he's getting cause and effect backwards here.
Yes, there is very little secure code available; but that's not because
vendors have decided that writing secure code is too hard. It's simply because
their customers don't hold software companies accountable for severe product
flaws.

------
TrevorJ
There is always going to be a security hole, even if it's human.

------
Create
the long answer is in the classic:

<http://cm.bell-labs.com/who/ken/trust.html>

