Comment by thewanderer1983

The problem with this assumption, that all possible attacks have been narrowed down to expensive only attacks i.e nation station level. These are complex systems and its not possible to prove that the only form of attacks are within these overton Windows. There may be much simpler forms of attack that aren't expensive, but the experts aren't aware of them, and therefore not focusing on. This is one of the big reasons for provably secure systems like Sel4 and other functional programming paradigms. We can't prove that all the problems are in this expensive box we put ourselves in, and all it takes is a 12 year old to discover one of these cheap attacks with a tooth pick or kids toy undermine very expensive defence systems.

Take for example, John Draper who discovered in the 60's that a Captain Crunch whistle toy could be used to make free phone calls on the telephone systems. Or the discovery of Side Channel attacks by an engineer at Bell Telephone company who noticed that a Bell Telephone model 131-B2 would produce distinct spikes for each key pressed on the oscilloscope across the room. Therefore not requiring nation station level expense to break the encryption used by Navy and Army's encryption systems. Or during the Afghan war, the US was deploying armored vehicles that they assumed would provide good protection, and would be expensive to attack by the enemy. Turned out they could make IEDs from inverted copper cheaply and within locals kitchens. That proved very successful. Or the kid who discovered he could bypass the mint screensaver by smashing random keys on the keyboard (https://github.com/linuxmint/cinnamon-screensaver/issues/354). The list of these types of cheap attacks are throughout history.