Well I just spent 20 mins composing a comment only to have the web page "expire" and throw all my work away. Should have known to compose it offline like the long ago email systems - what wonderful technology we have today!!!
So here's an abreviated version (by the way I did watch the video, but haven't read the paper.)
My main point was that in weighing the economic equation part of the equation that we also forget is the attempt to shift the cost from the technology to the user - my analogy was asking the user to put a deadbolt lock on the front door when we have the user living in a grass shack!!
Can't track down the perpetrators? That's because we designed and deployed a network that makes it increadibly easy to hide. Why did networking innovations stop when TCP/IP was invented. Is it really better to ask millions of users to compensate then to fix the technology. Could we offer a safer technology at a cost that users would be willing to pay rather than absorbing these other costs with marginal value!
Examining the address bar in some vain attempt to figure out how legit the web site is! Rediculous. I don't deposit my money down the street with Joe but carefully choose a bank to keep it in (well lets ignore the banking crises for the moment). We have fairly effective measures (social and legal) that prevent Joe from putting up a "Wells Fargo" facade so I don't have to worry much about making my deposit in the wrong place. Can't we do a heck of a lot better technology wise on the internet - why does the site I throw up in my back yard have exactly the same presence as a site put up by wells Fargo.
Not saying that these are altogether cheap or easy technical issues, but I think the average user has figured out that we are not holding up our end of the bargain so why should they give a lot of effort or creadence to our suggestions (or attempts to color the address bar!).