We have security flaws in our technology on several fronts. Unfortunately, they exist on two of the three parts of any computer:
• Hardware
• Software
Media, or "that which stores software" is a likely carrier, but just like "patient zero" in the AIDS infection debacle which still transpires we continue to fail to hold the vectors at bay opting instead to utilize their flawed products in our industries despite the portends of compromise arising everywhere.
The full Dell EMC Data Protection Suite remains compromised and subject to hijack by Zero-day vulnerabilities — though news of this was released long ago. This flaw allows hackers to remotely target a server and spoof the authentication service into giving them administrator rights.
Associated with this is the equally morbid authenticated arbitrary file access issue in the UserInputService, which permits authenticated users to download arbitrary files with root privileges ... though that authentication itself may be an actor from some hostile network.
Can you say "No wonder China is stealing all of our technology" ?
Then there are Intel chip flaws affecting nearly all modern computer processors which would permit hackers to pilfer stored data right on down to the trusted computing base which contains ACLs, passwords, and other sensitive information from desktops, notebooks, smartphones and let us not forget the so-called "cloud" networks internationally.
The "spectre" exploit remains the single most prevalent flaw leaving the entirety of Intel based microprocessors subject to attack. Couple this with there is "no complete software patch in sight" and just where is the security? Who is responsible? Why are there never any consequences?
"Responsible Disclosure" be damned we need a set of definitive fixes which are effective and contemporaneous with the exploits at hand. I suppose that slowed performance after patches are applied is a pitfall of flawed design up front.
We need a vendor who places secure implementations above immediate profits in the market.