I attended the New Scientist salon on spam last night (also attended by Gregor). It was actually hosted by Simson Garfinkel and Paul Graham. Simson claimed that only about 200 people accounted for the world's supply of spam. His (yes, facetious) theory was that only extrajudicial means would solve the spam problem -- meaning hunting down and killing a number of spammers sufficient to deter the remainder, like John Travolta at the end of Operation Swordfish. Since spammers have both teamed up with and provided a profit motive for previously harmless crackers, we now have armies of compromised machines which will make future attempts at micro-payments and digital signatures (and other end-user dependent schemes) pointless.
I do not think they're pointless, but they probably won't fly on their own. I remember reading about a simulation of an internet super-worm -- a virus that spreads via several vectors at once and aggressively scans for and propagates itself to other machines. The authors of the study determined that it could spread to all vulnerable net-connected hosts in 15 minutes BUT if machines had an extremely simple limit on outbound IP connections it could not even spread fast enough to be a threat.
Generalizing this super-simple virus-fighting behavior a bit, I think our machines should establish baselines for things like outbound IP connections and the amount of email we send out. For the average user on a machine with a consistent usage profile, it should require some type of user intervention to perform network scans outside the baseline. This is the equivalent of the credit card fraud division calling you up when they notice your recent purchases of Snoop Dogg in a Tijuana record store. Is this fantasy technology that we're years away from having available? Well, I talked to a company named Okena that was writing this software for Windows and Linux a couple years ago. They instrumented and rolled up the behavior of desktop applications to a central server, so that they could define deviant behavior by comparing a machine with its peers. They could then stop behavior as it emerges, instead of retroactively looking for infected file signatures.
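A sketch of the baseline idea described above, as an added example that is not from the study or from Okena's product: connections to recently used hosts pass, first-time destinations are rationed to the peak rate learned from normal use, and anything beyond that is held for the user. The class name, the 60-second window, the memory size and the sample traffic are all assumptions made for illustration.

```python
from collections import deque

# Constructed sample traffic as (seconds, destination); not real measurements.
NORMAL = [(0, "mail.example"), (5, "news.example"), (20, "mail.example"),
          (90, "wiki.example"), (100, "news.example"), (200, "shop.example")]
SCAN = [(300 + i, f"192.0.2.{i}") for i in range(1, 7)]  # six new hosts in six seconds

class OutboundBaseline:  # pass familiar hosts; ration first-time destinations
    def __init__(self, window=60.0, memory=8):
        self.limit = 1                      # new destinations allowed per window
        self.window = window                # seconds (assumed value)
        self.known = deque(maxlen=memory)   # recently contacted destinations
        self.new_times = deque()            # when new destinations were allowed
        self.held = []                      # connections waiting for the user

    def learn(self, history):
        """Baseline = most first-time destinations seen in any one window."""
        times, peak = deque(), 0
        for ts, dest in sorted(history):
            if dest in self.known:
                continue
            self.known.append(dest)
            times.append(ts)
            while ts - times[0] >= self.window:
                times.popleft()
            peak = max(peak, len(times))
        self.limit = max(1, peak)

    def connect(self, ts, dest):
        """Return 'allow' or 'hold' for an outbound connection at time ts."""
        if dest in self.known:
            return "allow"
        while self.new_times and ts - self.new_times[0] >= self.window:
            self.new_times.popleft()
        if len(self.new_times) < self.limit:
            self.new_times.append(ts)
            self.known.append(dest)
            return "allow"
        self.held.append((ts, dest))
        return "hold"

    def approve(self, dest):  # user intervention: release and remember dest
        self.held = [(t, d) for t, d in self.held if d != dest]
        self.known.append(dest)

def demo():
    guard = OutboundBaseline()
    guard.learn(NORMAL)
    return guard.limit, [guard.connect(t, d) for t, d in SCAN]
```

On the constructed traffic the learned limit is two new destinations per minute, so the burst of six first-time hosts gets two connections through and four held for approval, while the familiar mail host is unaffected.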
Microsoft recently floated a trial balloon about enabling firewalls by default and implementing some sort of behavior profiling in the OS. While I'm realistic that this is more about escalation than an end-game, it will be interesting to see what kind of traction it gets with MS's money (and, at this point, desperation) behind it.