Re: Typically wrong.
Quote: "Guys, security is hopeless as long as we don't practice proper engineering."
While this quote is true, what is not mentioned is that the NSA, GCHQ and other government spooks (in Russia, China and elsewhere) quite like it that way.
Ask yourself if the NSA or GCHQ could do all that illegal hoovering if security was based on "proper engineering".
Ask yourself if GCHQ would get an extra 1.9 billion pounds sterling for their budget if the world was full of "proper engineering". The spooks at GCHQ are just like everyone else who would love a bigger budget.
Given all of the above, is anyone surprised that governments show absolutely no interest in "proper engineering" in the IT security arena?