Originally Posted by antd
Originally Posted by RagingCain
every system is vulnerable
Mathematically untrue if "vulnerable" = contains remote code executions.
"Perfect" code is possible, it's just mathematics. It also takes a long time to write stable code.
Write a tiny program in assembly and you'll see that clean code can be written that contains no vulnerabilities. It just gets more difficult when you are using HLLs on huge projects that do not focus on security.
Not making mistakes in the program is != security. At least that is not all there is too it. Your assembly code can be over written/modified, .dlls can be injected etc. You forget the paradigm of it being written to disk, or RAM or even ROM, there are physical hacks. Young people tend to forget that there are many more dimensions to hack from before you get to writing code, scripting, or what not.
Good clean code equals one thing, good clean code.