How did your specific experiences inform you in your practice of securely using technology for communication?

How did your specific experiences inform you in your practice of securely using technology for communication?

I've always been interested in network security (and physical security for that matter).  When I was younger and first learned how easy it is to pick a lock with a couple of playing cards it opened my eyes to how much we rely on terrible security.  Since then I've been to network security conferences, and seen hundreds of hacks done live and in videos on the web. Knowing that nothing is secure is both scary and comforting at the same time.  It's comforting because I know where the existing or potential vulnerabilities lie.  It's scary because I know that I will never be able to mitigate against all of them.

One of the most interesting demonstrations that I've seen was a simple hack on a website that allowed the hacker to change the amount deducted from his credit card when paying for things.  The amount was changed to a negative value so he was sent the product as well as a credit on his credit card.  Before this demonstration I had purchased things on "mom and pop" websites before that I knew were designed poorly.  After that demo I realized just how poor the security is putting not only the site, but their customers at risk.  I will never buy from such an obviously low quality site again.