Your neighbor stops you at your curb. He knows you're a computer security guru and wants to know the secret to protecting his computer from hackers. You need to get back to mowing the lawn and don't really have time to explain log monitoring, patch management, vulnerability assessments, penetration testing, least required access, the CIA triad, and the finer points of risk management. Besides, you know you're the only guy on the block with syslog servers, hardware firewalls, IDS and HIPS watching the one computer in your house that you only use for online banking. So what do you tell him? Keep your patches and antivirus software up to date and don't run untrusted programs. You know it's not enough, but any more advice would commit you to hours of free consulting or get you uninvited to the neighborhood Christmas party. Don't run untrusted programs - good advice! The problem is most people trust everyone when it comes to free software.
