
Ask HN: Why can't we build unhackable software? - bikamonki
Is it human error or is there a technical limitation to it? Is it b&#x2F;c layer upon layer of abstraction doors are left open on purpose? If the first software  layer over harware has a finite set of operations with a 100% predictable outcome (no need for testing), why can&#x27;t we continue to build predictable outcomes on the next layers?
======
noonespecial
Its quite easy to build unhackable software. It just also happens to be
unuseful. Its always a tradeoff.

I always thought that a key element to MS Windows domination was precisely
what made it so unsafe. It was dead easy to use and abuse it to do anything
and everything imaginable. Good or bad.

One man's hack is another man's feature.

------
nostrademons
It's un-economical. It is theoretically possible to build unhackable, bug-free
software. The amount of testing, formal verification, and specification needed
to do this means that in most domains, the company will be bankrupt before the
software enters service.

------
Rannath
Ignoring the software reasons, that are already in the comments. Unhackable
software is impossible because direct access is total access. If you make a
perfect program running on a perfect OS it still has to operate in the real
world. IRL I could change the memory or storage to hack the software via some
method other than the OS, bypassing the software entirely.

------
borplk
There's a bunch of reasons but for the most part I'd say it's currently too
expensive to do (time and money).

People think they want unhackable software, but then they realise it will cost
1000 times more and take 100 times longer (and even then not guaranteed) so
they forget about it.

------
6d0debc071
Being theoretically predictable, which computer programs are, is not the same
thing as being meaningfully determinable. And being meaningfully determinable
is not the same thing as having a strong description of all the desired states
that your program could be in.

------
veddox
I would say it's human limitation. The complexity of modern software systems
is often times too great for even its creators to grasp completely. Especially
since a program is not an island - it interacts with the OS, the hardware, the
network, other programs...

------
AnimalMuppet
You can perhaps build a (currently) unhackable program. Then someone discovers
a new way to hack programs.

That is: To make a program that is truly unhackable, it has to be immune to
all future hacks _that are currently unknown._ That's really hard.

------
dottrap
Refer to "The Halting Problem"
[https://en.wikipedia.org/wiki/Halting_problem](https://en.wikipedia.org/wiki/Halting_problem)

~~~
dottrap
In short, Alan Turning proved these problems are "undecidable" for the general
case (under our model/definition of computing, now know as the Turning
Machine).

~~~
dottrap
Thus we cannot build general purpose tools to tell us if our program is
correct as there is no general rigourus mathematical proof that we can apply.

Any attempt would require heuristics which are not guaranteed to work.

~~~
seanwilson
There is no algorithm to prove the correctness of programs in general but you
can still prove correctness of specific programs.

------
zzzcpan
We can, actually.

It's just so happens that 100% predictable outcome has nothing to do with
hackability.

