by User3456335 846 days ago
Perhaps an analogy with other crime can help here.

Just because your store can be broken into doesn't mean you can't take measures that make it much more difficult.

It's not that security mechanisms in a store are pointless, simply because you can't defend against the most advanced criminals.

You can make things much more difficult for criminals so they'll go to another store instead. Or at least they'll have to put in more effort as well.


This is a common analogy but incorrect for software security. With software companies absolved of all liabilities for flaws in their products, it is more like the perimeter walls in your stores full of hidden holes about which you can do nothing. Random people publish information about new holes to break into your store regularly. The wall manufacturer is shamed by the public to drop patches in front of your store from time to time but does not install them. Now, in addition to running your store you have to make time to install those patches.

Even if you do all of that, there is no guarantee criminals will move to the next house since they might have knowledge of a “zero-day” hole that you or even the manufacturer does not yet know about. Or you did not get around to patching one of the new holes in your wall.

So no, this is not apples to apples.

Most of these things do not need to be public though. Whatever your existing setup is, you can build a box around it so that suspicious people are not allowed in. Then you only have the outer box to really worry about.

Of course, if you want to enable people to make important decisions from their homes, you have two options: build a box around their homes too or accept that they are outside of the box and treat all of their activity as suspicious.

Which is why we are finally getting liability laws in computing; governments and major companies are realizing how much money gets burned by security exploits.