Re: Software/hardware paradigm is the problem
9rune5. I'm not really sure you are replying to my comment in the last part or the original article.
If we get our hardware/software paradigm right with defences built in from the ground up, the need for bolt-on defence goes away.
What we have at the moment is watch towers dotted sporadically around the country watching for advancing attackers. The encampment itself is surrounded by a garden fence, not a castle wall. The watch towers are put up by the anti-malware industry. But we need to be more intrinsically secure. It can be done.
But I agree that even when we clean up that part, we still need to be vigilant. However, end users are not vigilant. So there will always be opportunities for attackers if we rely on vigilance. We actually need to protect the end users of devices. Today's architectures and languages do not do that.
I hope that clarifies what I am saying.