In that case is it possible to design a secure application? Can you design an application used by real world people that will remain secure even if the infrastructure that controls it is taken over?
If a server is taken over, the best one can hope for, is sufficiently layered defenses to limit the immediate gains of the attacker and an alarm to warn users not to trust the application until further notice.
If a server is taken over, the best one can hope for, is sufficiently layered defenses to limit the immediate gains of the attacker and an alarm to warn users not to trust the application until further notice.