Playing around with writing malware proof-of-concepts, running red and blue team simulations in my computer lab against Windows Home edition, I feel sort of bad for Windows Home users. Such users probably constitute the majority of Microsoft's userbase. And most security mitigations for that edition are not exactly effective against attackers. Commercial-grade versions of Windows and commercial-grade security products are a different story in some circumstances. Commercial editions of Windows include a lot of nice mitigations and security features. But I think it's kind of an economic trilemma. You have three potential strategies for security--and a few different potential tradeoffs. You can only optimize for two out of three. If it's cheap and convenient, it won't be secure. If it's cheap and secure, it won't be convenient. If it's secure and convenient, it won't be cheap. There are certainly exceptions to this model, though. ...