AVs do have limits in terms of what they can do but the Virustotal part isn't exactly the best way to prove the author's point. I do agree though that security for the most part has been treated as an afterthought and that people generally puts convenience and social sharing ahead.
"According to the findings, one in three US-based computer users don’t have an anti-malware solution installed. Only 67.3% of respondents are protected by an antivirus solution. Advanced security technologies such as VPN and two-factor authentication are used by less than one in 10 Americans." http://www.informationweek.com/part...t-people-have-stopped-using-it/a/d-id/1317878
IMO the user/admin is a central piece when it comes to securing a computer or a network. We might invent a billion security tools, but their power depends on how the person in front of the screen is using them. The user's level of expertise about computer security is important as well. And the dream about a tool that will secure your network or computer without your intervention and without any knowledge required will remain just that: a dream.
I agree, I believe that security tools are good enough to stop current attacks, it's the people who are the problem. I do think that online privacy can be a bit of a problem, but with extensions like script-blockers you can mitigate some risk. For me stuff like VPN and Tor is overkill.
In the first link: his comparing it to airport security and 9/11 is stupidly flawed. There's no "eye opener" with computer security, everyday stuff is happening continually. These companies knew this. And always after something like this happens, there's a finger point circle and a "if only they did x,y,z instead". With computer security, along with security in general, there's too much banking on "someone else" protecting you. Plan A should be the responsibility of yourself, because at least then you have some control over it.
