Re: Complete rethink
"Security is also the balance between making computing easy for a legitimate user, but as hard as possible for a malicious attacker. As far as the legitimate user is concerned, security facilities built in at the lowest levels, such as bounds checking, actually make no difference and certainly do not adversely impact anything that is computable. In fact, in addition to security, it helps developers develop correct programs."
And yet you don't see things like tagged memory in most processors? Why? Because of the other two legs of the triangle: cost and performance. You either take a noticeable performance hit or pay through the nose. And yes, people pay attention to those two. Media encoding jobs (such as home video editing) still take time even on relatively recent hardware (last I checked, you still can't do realtime 1080p HEVC even on an i7, let alone 4K down the road). And of course, there's still gaming, business calculations, and so on. At the same time, people don't want to spend a lot on their computers because, unlike things like cars, computers can't kill them. Wanting peace of mind takes a direct threat to make it desirable. Otherwise, it isn't worth it.
As for balancing between ease of use and difficulty, remember there's always the dreaded overlap. The paths you MUST leave for the users to get through can just as easily become the way in for the enemy, and there's no real way to stop this because there's no real way to prevent a sufficiently disguised imposter (and we already know adversaries are ready, willing, able, and even eager to steal identities for this purpose, no matter how insignificant the identity).