Every security pro should read this blurb and think about it. No, really.
It starts with this fun line: "Just about everything in civilization works on the honor system."
Think about it - this is basically what many call "luck-based security" ;-)
"When we move online, though, two things happen. First, word among the black hats spreads fast. One person starts ripping you off and suddenly it's a hundred."
Indeed, offline bad stuff doesn't scale as well as online; true, but ...
"Just like the real world, though, if you spend all your time preparing for and defending against the black hats, you'll never accomplish anything."
Holy Chao! :-) Really?
It gets milder, but still pretty darn disturbing:
"There's a different path. Awareness of the potential problem helps you keep your eyes open. You can watch the trends, be aware, but still embrace the honor system. Realize that the vast majority of your customers will always want to do the right thing. Look both ways before crossing the street... but still cross."
This type of thinking cannot even be called "wrong" since it is sooooo common. We should FIT security in the world that is dominated by this thinking; only then everybody is successful.