Is it even possible to be “completely secure”?

“The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards — and even then I have my doubts.” — Gene Spafford

If you’ve ever wondered “how much security is enough?” you are not alone.

More and more personal information security measures seem to be mandatory — passwords, anti-virus, one-time code generators, SMS message codes, home firewalls, security webcams, smart doorbells, anti-ransomware, disk encryption…

Why, with all of this technology, are we still not secure?

The reason is both simple and complex.

The simple answer is that nothing is perfect. Can anything ever be perfectly round? Can a road ever be built completely straight? Do simple engines and non-computational machines ever fail? Do the strongest metals rust? Is a measurement ever exact?

Computing devices are extremely good at certain tasks. They are generally accurate, fast, and extremely good at storing data (much better than our brains).

The more complex answer to this question involves fallibility, probability, and opinion.

Computers run on coded instructions. This code is created by humans. Even code written by computers was ultimately originally designed by humans. Code is generally how security vulnerabilities come into existence, and as such is what security aims to protect. Code can never be perfect, so…