"Why am I always being asked to prove these systems aren't secure?
The burden of proof ought to be on the vendor.
You ask about the hardware.
'Secret.'
The software?
'Secret.'
What's the cryptography?
'Can't tell you because that'll compromise the secrecy of the machines.'
... Federal testing procedures?
'Secret'!
Results of the tests?
'Secret'!
Basically we are required to have blind faith."
Dr. David L. Dill
Professor, Computer Science
Stanford University