Computer Security is like the roller coaster ride of Stock Markets. You hope its going to go contantly up and improve over time but then Reality Bites and stories like super cooling hardware chips to mke stealing carefully guarded security keys trivial appear – almost like blips and downturns in the stock market.
It appears the best defense in high security situations is to have several unlocking steps or methods. But that then may add performance and/or ease of use costs. Heretofore, IT has been erring on the side of ease of use/performance over security. Security problems like this hardware gap, JavaScript and other dyamic language vulnerabilities, and “social engineering” exploits may mean shifting that balance/tradeoff back towards safe and secure.