1) For someone who doesn't paraphrase press releases, you sure do seem to echo a lot of the same things harped on by press releases... Or press releases disguised as articles and published by Cnet, Ziff-Davis, or IDG. Maybe you do it without knowing... Who hasn't read something somewhere, had it stick in your brain, and then pulled it out at some later date, long after you've forgotten where you came across it to begin with?
2) Not to make light of anything, but apparently your experience wasn't painful enough to cause you to question why it is all these things are necessary. Because quite frankly, you can get by with very little protection IF you take a little care in your planning. I've gone over this numerous times, so it shouldn't be hard to find an example of what I propose to people.
3) Good plan, but really has nothing to do with what we've been talking about.
4) See #3
5) Not necessarily, but what does that have to do with what we've been talking about?
6) Yes, and it's a shame... But a firewall isn't some magic cure that will stop this sort of thing dead in its tracks, and it's foolhardy to think otherwise.
7) At least you didn't post something from the GRC website, so I can maintain a level of respect for you. I'm not going to get into nitpicking about how I've never heard of the author of that article, or how none of the accolades listed in the little bio include anything about security. The fact that he's apparently a big IIS fan actually speaks against him on the security front. I won't even bother getting into how the article doesn't really say much except that the XP SP2 firewall is aimed at home users and spends the majority of the time talking about how other software firewalls can switch it off automatically. Those are things that should be taken up with the guy's editor, so unless you're the aforementioned editor... I'm just going to respectfully disagree with the assertion being made by you. There is nothing compelling, from a protection standpoint, offered by ZoneAlarm or any of the others, over the XP firewall. Outbound filtering is simply not that big of a deal. It has its uses, I won't argue that, but its importance is vastly overblown.
I think we would both agree that the real issue is educating average users on the subject, and that there is no easy answer as to how to do this effectively. There probably should be something like a mandatory analog to Driver's Ed if you own a computer. It'd be nice if every school in the country had the budget to be able to create a series of classes every student has to take to graduate, which reinforces all of this. It'd be nice if you could just toss a pamphlet in with every new computer sold, and everyone would read it. It'd be nice if Corporate America realized how much money could be saved, and potential liability avoided, if they made such classes mandatory for employees like sexual harassment seminars. Unfortunately, that's all just wishful thinking. Just the same as slapping a firewall onto a system and thinking it will cure everything.
Especially when the average user is just going to click "Allow" to every question posted by ZoneAlarm or any other firewall. They won't read the message, they'll just assume they won't understand it, just how ZoneLabs and company prefer it. Which fits nicely with your extension to my analogy about the condom with the holes punched in it.
Isn't it funny how crude analogies always seem to work the best? You can make car analogies until pigs start flying, it won't ever have quite the same impact as mentioning something that isn't supposed to be talked about in polite society, such as prostitutes. What does that say about us as a culture?