Just How Effective is System Hardening?

SkiifGeek, pointing to our recent coverage of what the NSA went through to create SELINUX, wants to know just how effective system hardening is at preventing successful attack, and writes "When Jay Beale presented at DefCon 14, he quoted statistics (PDF link) that Bastille protected against every major threat targeting Red Hat 6, before the threats were known. With simple techniques available for the everyday user which can start them on the path towards system hardening, just how effective have you found system and network hardening to be? The NSA does have some excellent guides to help harden not only your OS but also your browser and network equipment."

Lunix bailout by big daddy gubment

It's kind of amazing how, after years and years and years of beating their chests and flexing and bragging about how secure they were... it was only until recently that Teh Lunix became a secure OS. And because of a handout by Big Gubment, at that.

Your tax dollars at work, fixing a horribly insecure OS. Or saving it from itself, and it's proponents, who believe obscurity is security.

BTW... why would the NSA be promoting computer security? Doesnt that just make it harder to spy on us all? I'd be suspicious of any code contributions on their end- it's more likely they've created hidden back doors (or just found plenty which were already there).