Hopeless Maxim: The third most common excuse for not fixing security vulnerabilities is that "all security devices, systems, and programs can be defeated". Comment: This maxim is typically expressed by the same person who initially invoked the Mermaid Maxim, when he/she is forced to acknowledge that the vulnerabilities actually exist because they’ve been demonstrated in his/her face. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory