Security is easy to say, hard to do!

I was perusing some security articles and came across "Top Five Reasons For Security FAIL" by Adi Ruppin. In the article he talks about security failure and how encryption isn't foolproof and he even goes on to say that he finds most personal firewalls useless. I see where he's coming from.  I will say that personal firewalls are useful to some extent but only when the user has them set up correctly. Sure, some can be tricky to configure and I'm often asked by users, "it's asking me if I want to allow this or that service to connect...What do I say?" I've seen users have their AV updates "blocked" by a personal firewall simply because they answered a "request to connect" incorrectly then ended up with a machine rife with malware because the firewall blocked AV updates.

Another problem I've found is that routers are incorrectly configured by default. Let's face it, the average user has no idea what to do to rectify that shortcoming and would be hard pressed to get in there and tinker with the settings.

As far as algorithms are concerned, the security they afford is only temporary. "Those who cannot remember the past are condemned to repeat it," said the philosopher George Santayana, and that sentiment certainly holds true here. As I wrote in a blog a few years back, we have to remember that no algorithm is perfect. It is only a placeholder for the here and now. Encryption methods we use today will inevitably be broken - by both algorithmic prowess and by more powerful machines from which attacks will be launched.