Security Basics

There are two basic truths about security:

  1. Security is about minimizing trust.
  2. All security requires at least *some* trust.

For example, if you're using the methods in this repository, you'll either be trusting everything in the parts of the repository you'll be using, or you'll have verified it all based on knowledge you've gained in ways that you trust to be accurate (or accurate enough).

That's why it's important to understand the basics of the security methods you're using, so that you are likely to catch any insecure steps or missing pieces. You should be verifying that the security methods and software you use have been well vetted, even if you're a security expert.

This also requires you to know that the method or software (for example, the website you're getting info from or the installer of a piece of software you're installing) is the same thing that has been well vetted. It's not sufficient to know that Electrum has been well vetted; you also need to know that the specific version of Electrum that you want to use has been well vetted, and that the installer you're using to install it will actually install the version you think it's installing.

Good security just isn't simple. But despair not, perfect security is never the goal. Perfect security is impossible. The security you're looking for is "good enough" security: security that is unlikely to be compromised. That's why good security matches up with the value of the things you're securing.

It's not necessary to have security guards guard your one dollar bill. But it makes sense if you're guarding $1 million in cash. Similarly, if your password is protecting your Myspace account, it probably doesn't matter if an attacker can hack your account by running a password cracker for a week - your Myspace account is safe because no hacker would waste a week of their time on it. But if your password is protecting your bank account, it's important to use a stronger password.

So tl;dr:

  1. Know who you're trusting.
  2. Know how valuable the things you're protecting are.
  3. Know how difficult it is to attack you, and ensure it costs more to attack you than the value of the things you're protecting.
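
The third point can be made concrete for the password case above. The following is an added example, not part of the original repository: it estimates the expected cost of an offline brute-force search and finds the shortest password length whose attack cost exceeds the value being protected. The guess rate, hourly cost and safety margin are assumed numbers, and the model only holds for uniformly random passwords.

```python
# Added example: compare the cost of attacking a password with the value it protects.
# All rates and prices below are assumptions chosen for illustration, not measurements.

ASSUMED_GUESSES_PER_SECOND = 1e10   # assumed offline guessing rate against a fast hash
ASSUMED_COST_PER_HOUR = 1.0         # assumed attacker cost (USD) for one hour at that rate
ALPHABET_SIZE = 62                  # a-z, A-Z, 0-9


def expected_attack_cost(alphabet_size, length, guesses_per_second, cost_per_hour):
    """Expected cost (USD) of brute-forcing a uniformly random password.

    On average an exhaustive search succeeds after trying half the keyspace.
    Human-chosen passwords fall much faster than this model predicts.
    """
    expected_guesses = alphabet_size ** length / 2
    hours = expected_guesses / guesses_per_second / 3600
    return hours * cost_per_hour


def min_length_for(asset_value, alphabet_size, guesses_per_second, cost_per_hour,
                   margin=10.0):
    """Shortest length whose expected attack cost is at least margin * asset_value.

    The margin leaves room for the attacker's hardware getting cheaper or faster.
    """
    length = 1
    while expected_attack_cost(alphabet_size, length, guesses_per_second,
                               cost_per_hour) < asset_value * margin:
        length += 1
    return length


if __name__ == "__main__":
    # Constructed asset values: a throwaway account vs. a large bank balance.
    for label, value in [("throwaway account ($1)", 1),
                         ("bank account ($1,000,000)", 1_000_000)]:
        n = min_length_for(value, ALPHABET_SIZE, ASSUMED_GUESSES_PER_SECOND,
                           ASSUMED_COST_PER_HOUR)
        cost = expected_attack_cost(ALPHABET_SIZE, n, ASSUMED_GUESSES_PER_SECOND,
                                    ASSUMED_COST_PER_HOUR)
        print(f"{label}: at least {n} random characters "
              f"(expected attack cost about ${cost:,.0f})")
```

Under these assumptions the required length grows only from 9 to 12 characters as the protected value grows a millionfold, because each extra random character multiplies the attacker's cost by the alphabet size.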