Buggy Software
85% of all CERT advisories describe problems that cannot be solved with cryptography.
9 of 13 advisories last year were for buffer overflows.
- 2 of the remainder described problems in crypto modules.
If your software is buggy, how can it be secure? We don’t know how to write correct code!