[Swannie]

Q: Is it secure? A: No.

Q: What do you mean "No"? A: We believe we have done a good job in securing it.

Q: So did you do a good job? A: We hope so!

Q: You "hope so", what sort of answer is that? A: Trust us. It's secure. We are not hackers. We don't want to steal your data. We did not put in any back doors. We audited the code ourselves. There are not any kernel level hacks, root kits, or otherwise. This has been tested against a variety of anti-virus scanners and none of them flagged anything. We're very good. Please please trust us?

[zimbatm]

The last answer could be even better if it included an actual list of things that have been checked against:

What testing methodology did you use, what form of vulnerability or classes of errors does it prevent (valgrind, ...). Has the code been formally verified ?

What are the attack scenarios that you have considered. What are those you don't prevent (physical access, system compromise, user compromise).

What are the knows and known unknowns.

[Swannie]

:-) The slight tone of sarcasm was there if you were looking for it.

Ultimately it comes down to "Trust us". Unless you are well versed in computer security, anything other than what I wrote, is meaningless. Even the rootkit stuff I put there is above the head of the average computer user (we're probably talking the 98th percentile and above that would understand what a rootkit is).

Probably talking the 99.99th percentile for what's above.