This is pretty old (I'm thinking 10 years) but does a great job of describing how screwed up security is on the Internet. And this isn't "oops, I forgot to have a good password" screwed up, this is the Finest Minds in Internet Security and how they gave us the mess that is encryption. It's very geeky, but also pretty funny, and it gives the long, sordid history on how adding incremental reasonable features gave us a great big stinking ball of fail.
TL;DR: encryption actually works most of the time, but you don't get the security that you think you get.
TL;DR #2: The only people who seem to have figured out how to do this well are the Credit Card companies. They have a big financial incentive.
TL;DR #3: This is still geeky, but a lot easier read.