Here’s an attempt to succinctly describe why achieving security is difficult:
The engineer wants to implement a program P that allows users to perform action A.
The hacker looks at program P and wonders how he can use it to perform actions other than A.
The security guy wants to implement a program P that allows users to perform action A and only action A.
Some observations based on this description:
– defining A precisely is harder than it may sound
– it can be non-trivial to implement P so that it performs A
– if P fails to accomplish A, it will likely accomplish something other than A
– there is a cascading effect that increases the probability of not being able to achieve the security guy’s goal
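To make the distinction between “performs A” and “performs A and only A” concrete, here is an added example (not from the original post) with a constructed document store: A is “read one of the caller’s own documents by file name”. The engineer’s version accomplishes A, but because it never states what a “file name” is, it also accomplishes things that are not A; the security version has to define A precisely before it can enforce it.

```python
import os
import tempfile

# Constructed sandbox (not real data): one folder per user, one document each.
def make_store() -> str:
    root = tempfile.mkdtemp(prefix="docs-")
    for user, doc, body in (("alice", "notes.txt", "alice's notes"),
                            ("bob", "secret.txt", "bob's secret")):
        os.makedirs(os.path.join(root, user))
        with open(os.path.join(root, user, doc), "w") as f:
            f.write(body)
    return root

def read_doc_engineer(root: str, user: str, name: str) -> str:
    """Performs A: alice can read notes.txt. But `name` is joined to the
    path unconstrained, so P also performs actions that are not A."""
    with open(os.path.join(root, user, name)) as f:
        return f.read()

def read_doc_security(root: str, user: str, name: str) -> str:
    """Performs A and only A. Defining A precisely means: `name` is a plain
    file name, and the resolved path stays inside the caller's own folder."""
    if not name or name in (".", "..") or os.path.basename(name) != name:
        raise PermissionError("not a plain file name")
    user_dir = os.path.realpath(os.path.join(root, user))
    target = os.path.realpath(os.path.join(user_dir, name))
    if os.path.dirname(target) != user_dir:
        raise PermissionError("outside the caller's folder")
    with open(target) as f:
        return f.read()

def probe(read_fn, root: str) -> dict:
    """Exercise the intended action A and one request that lies outside A.
    A None value for 'outside_A' means the request was refused."""
    results = {"intended": read_fn(root, "alice", "notes.txt")}
    try:
        results["outside_A"] = read_fn(
            root, "alice", os.path.join("..", "bob", "secret.txt"))
    except PermissionError:
        results["outside_A"] = None
    return results

if __name__ == "__main__":
    store = make_store()
    print("engineer:", probe(read_doc_engineer, store))
    print("security:", probe(read_doc_security, store))
```

Both versions pass the test the engineer had in mind (the intended read succeeds); only the second refuses the request that is not A, which is why testing that P does A says little about whether P does only A.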