[dmarlow]

Correct. Also claiming that it's mildly secure is also inviting hackers. Damned if you do, damned if you don't.

[close04]

There must be something in between right? Like... "secure"? Claiming "hacker-proof" isn't just an invitation, it's a challenge. Nothing triggers people like telling them something is %-proof.

The mathematical proof might be 100% solid and hacker proof. The implementation will probably never be.

[fuklief]

> The mathematical proof might be 100% solid and hacker proof. The implementation will probably never be.

I agree, I see a few ways that it could go wrong:

- Code is proven correct against the specification, but specification is wrong/buggy

- source code is correct/secure, but compiler is overzealous and botch the securities guarantees.

[gargravarr]

- someone just outright botches the implementation. Heartbleed wound up in OpenSSL for years before anyone noticed.

[dormento]

"Our very strength incites challenge. Challenge incites conflict. And conflict breeds catastrophe."