Main Introduction Page
Executive Summary For an Introduction to
Capability Based Security for Users
The series of introductions to capability based security found on the Main
Introduction Page explains and details the following points:
- The common wisdom says that computer viruses, trojan horses,
cyberterror, and cyberwar can never be fully defeated. The common wisdom
is false.
- The fundamental problem against which all current security patchwork
solutions fail is this: every dinky program on our computers gets every
bit of authority we ourselves command. This is the equivalent of driving
up to the valet parking area and giving the valet, not merely the car
key, but all our house keys, our credit cards, our driver's licenses, and
our cash, for the sole purpose of parking the car. As long as we accept
this fundamental lunacy, the common wisdom is true.
- Capability Security is a security paradigm that enables us to achieve
the Golden Triangle: usability, functionality, and security, all at the
same time. Each application in a capability secure environment gets
exactly the authority it needs, no more, no less, all without any special
security dialogs, firewalls, passwords, signature verifications, or other
security-oriented atrocities. In contrast, all current day "orthodox"
security technologies fail on at least one side of the Golden
Triangle.
- CapDesk, which has been in operational use for two years, is a
capability secure tool that blends features of a secure distributed file
manager, an ad hoc VPN, and a capability secure desktop, invulnerable to
cyberattack. Yet it is as easy to use as any ordinary file manager like
Windows File Explorer. Parts of CapDesk were developed under the auspices
of DARPA, and the system overall was subjected to a security review that
is publicly available. The architecture was found to be sound by a team
including world-famous computer security expert Dr. David Wagner of UC
Berkeley.
- CapDesk runs on Windows, Linux, and several other operating systems.
However, to prevent cyberattack through existing non-capability-based
applications, you should run those programs in separate virtual machine
compartments, typically by using VMware guest operating systems, and
using CapDesk's distributed file management powers to stitch the desktops
together.
- CapDesk, and several other secure products ready for exploration by
early adopters, are written in the E programming language, a capability
secure language specifically designed to meet the demands of secure
distributed systems in which the participants all have only limited trust
in one another. It is as important a step forward from Java as Java is a
step forward from C++.
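The valet analogy and the "exactly the authority it needs" point above are the two halves of one idea, so here is an added worked example (not code from this page, from CapDesk, or from the E distribution) that puts them side by side in Python. The user's home directory is a constructed in-memory tree, not a real disk. In the ambient-authority half, a "photo viewer" can open any path because authority comes from the global tree; in the object-capability half, the viewer is handed a single attenuated directory capability and has no way to even name anything outside it. Python does not confine code the way E does (the global tree is still technically reachable from anywhere), so the example shows the capability discipline, not language enforcement; the class and function names are all the example's own.

```python
"""Added example: ambient authority versus object capabilities on an
in-memory file tree (constructed sample data, not a real filesystem)."""
from __future__ import annotations


class Forbidden(Exception):
    """Raised when an operation exceeds the authority of a capability."""


# Constructed sample data: the user's whole home directory.
HOME: dict = {
    "photos": {"cat.jpg": b"JPEG-cat", "dog.jpg": b"JPEG-dog"},
    "secrets": {"bank.txt": b"account 1234, pin 9876"},
}


# --- Ambient-authority model: the valet gets every key we own -------------
def ambient_open(path: str) -> bytes:
    """Resolve any path against the global tree; nothing limits the caller."""
    node = HOME
    for part in path.split("/"):
        node = node[part]
    return node


def ambient_photo_viewer(path: str) -> tuple[bytes, bytes]:
    """A 'viewer' that, running with the user's full authority, also reads
    the user's secrets while showing the picture."""
    picture = ambient_open(path)
    exfiltrated = ambient_open("secrets/bank.txt")  # nothing stops this
    return picture, exfiltrated


# --- Object-capability model: the valet gets exactly the car key ----------
class FileCap:
    """Authority over one file; a read-only FileCap cannot write."""

    def __init__(self, parent: dict, name: str, writable: bool) -> None:
        self._parent, self._name, self._writable = parent, name, writable

    def read(self) -> bytes:
        return self._parent[self._name]

    def write(self, data: bytes) -> None:
        if not self._writable:
            raise Forbidden("read-only file capability")
        self._parent[self._name] = data


class DirCap:
    """Authority over one subtree. Children are reached only via get(),
    which hands back equal-or-lesser authority; there is no parent link
    and no path syntax, so the holder cannot climb out of the subtree."""

    def __init__(self, tree: dict, writable: bool = True) -> None:
        self._tree, self._writable = tree, writable

    def list(self) -> list[str]:
        return sorted(self._tree)

    def get(self, name: str) -> "DirCap | FileCap":
        if "/" in name or name in ("", ".", ".."):
            raise Forbidden(f"not a simple name: {name!r}")  # no traversal
        child = self._tree[name]  # KeyError: the name does not exist here
        if isinstance(child, dict):
            return DirCap(child, self._writable)
        return FileCap(self._tree, name, self._writable)

    def readonly(self) -> "DirCap":
        """Attenuation: derive a weaker capability from a stronger one."""
        return DirCap(self._tree, writable=False)


def confined_photo_viewer(photos: DirCap, name: str) -> bytes:
    """The viewer's only authority is the capability it was passed."""
    return photos.get(name).read()


def probe(cap: DirCap, attempts: list[str]) -> dict[str, str]:
    """What an untrusted program holding `cap` can do with each name."""
    outcome = {}
    for name in attempts:
        try:
            cap.get(name)
            outcome[name] = "reachable"
        except Forbidden:
            outcome[name] = "denied"
        except KeyError:
            outcome[name] = "absent"
    return outcome


def demo() -> dict:
    root = DirCap(HOME)                        # the user's full authority
    photos_ro = root.get("photos").readonly()  # all the viewer is handed
    results = {
        "viewer_sees": confined_photo_viewer(photos_ro, "cat.jpg"),
        "probe": probe(photos_ro, ["dog.jpg", "..", "secrets",
                                   "../secrets/bank.txt"]),
    }
    try:
        photos_ro.get("cat.jpg").write(b"vandalised")
        results["write"] = "allowed"
    except Forbidden:
        results["write"] = "denied"
    return results


if __name__ == "__main__":
    print(ambient_photo_viewer("photos/cat.jpg"))
    print(demo())
```

The point of `probe` is that the confined viewer never hits a security check that says "no": `secrets` is simply absent from the world it can see, and `..` is not a name the capability understands. That is why no dialog, firewall or signature check is needed; the authority was never granted in the first place. Note also that `readonly()` is the only place a policy decision happens, and it happens once, at the moment the user (or the desktop acting for the user) hands the capability over.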