idealism vs realism debate, great points
Here is a great post about security products and the idealist vs the realist. Below are two snippets, but go read it, it's good.
"Idealist : all security products designed to stop attacks/attackers are useless and snake oil, because a skilled enough attacker can always evade the HIPS/evade the NIPS/defeat the heap protection/own you."
"Realist : security products are useful and worth purchasing because they can stop unskilled attackers armed with off the shelf (freely downloadable) exploit frameworks like metasploit (although hd's recent talk at cansec stated that the new nips evasion techniques evade almost every product) and they stop actual malware as seen on the internets."
