I saw a story at net-security.org describing why current security
solutions might be unable to prevent data theft. It describes why
application password protection, disk encryption, file encryption, etc.
fail to prevent data theft so I submitted it here:
http://www.digg.com/security/Why_Cur...ent_Data_Theft
Googling about the story, I found this Flash video showing how password
protected Palm Treo 700p smartphone contacts can be exposed on a PC
running Palm Desktop, disk encryption, firewall, antivirus, etc.:
http://www.innersafe.com/demos/palm_...ure/index.html
It seems the situation is worse than the story (which doesn't even
mention keylogging):
1. disk encryption doesn't help while the disk is mounted (which can be
hours while we're online & using the disk)
2. file encryption requires decrypting to disk which can leave
sensitive data on disk even after the file is re-encrypted again (seems
NTFS and some thumb drives don't always overwrite files.)
3. keylogging software can pretty much steal passwords or file content
before it is encrypted which makes #1 and #2 worse
4. firewalls are vulnerable to insiders with physical access to PCs
and open ports people need to access the web or email.
5. antivirus and antispyware don't detect 100% of malware, require
signature updates, and don't address the fact a thief can use
uninfected programs for data theft.
6. password recovery tools can instantly extract passwords or reset
passwords of many popular file formats like Microsoft Outlook 2003 .PST
files.
7. When using EFS (Encrypted File System), "a file's original
unencrypted file data is left on the disk after a new encrypted version
of the file is created." according to Microsoft at
http://www.microsoft.com/technet/sys...s/SDelete.mspx
Besides the "don't run Microsoft Windows" or "don't store sensitive
data on PCs" type of advice, what can be done to secure sensitive data
on a PC?
What do you use today to secure your data? I know KeePass and
TrueCrypt are free & popular, but is there anything better?
Is computer security even possible without spending a fortune?
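
The behaviour described in items 2 and 7, as an added example that is not part of the original post: a toy in-memory disk shows that writing an encrypted copy and then deleting the original leaves the plaintext in free clusters until free space is overwritten. `ToyDisk`, `toy_encrypt`, the file names and the sample secret are constructed assumptions, and the XOR keystream is a stand-in cipher, not EFS.

```python
import hashlib

CLUSTER = 16  # bytes per cluster in this toy model

class ToyDisk:  # constructed model: clusters plus a file table, no real file system
    def __init__(self, n):
        self.clusters = [bytes(CLUSTER)] * n
        self.files = {}  # name -> (cluster indexes, data length)

    def free(self):
        used = {i for idxs, _ in self.files.values() for i in idxs}
        return [i for i in range(len(self.clusters)) if i not in used]

    def write(self, name, data):
        need = max(1, -(-len(data) // CLUSTER))
        idxs = self.free()[:need]
        if len(idxs) < need:
            raise OSError("toy disk full")
        for k, i in enumerate(idxs):
            self.clusters[i] = data[k * CLUSTER:(k + 1) * CLUSTER].ljust(CLUSTER, b"\0")
        self.files[name] = (idxs, len(data))

    def read(self, name):
        idxs, length = self.files[name]
        return b"".join(self.clusters[i] for i in idxs)[:length]

    def delete(self, name):
        del self.files[name]  # ordinary delete: table entry goes, data stays

    def wipe_free_space(self):
        for i in self.free():
            self.clusters[i] = bytes(CLUSTER)

    def free_space_contains(self, needle):
        return needle in b"".join(self.clusters[i] for i in self.free())

def toy_encrypt(data, key):
    """XOR with a SHA-256 counter keystream; a stand-in cipher, not EFS."""
    stream = b"".join(hashlib.sha256(key + bytes([c])).digest()
                      for c in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt_as_new_file(disk, name, key):
    disk.write(name + ".enc", toy_encrypt(disk.read(name), key))  # new clusters
    disk.delete(name)  # plaintext clusters are only marked free

def demo():
    disk, secret = ToyDisk(8), b"PIN=4931"  # constructed sample secret
    disk.write("notes.txt", secret + b" constructed sample data")
    encrypt_as_new_file(disk, "notes.txt", b"demo-key")
    before = disk.free_space_contains(secret)
    disk.wipe_free_space()
    return before, disk.free_space_contains(secret)
```

The model ignores journals, wear levelling and shadow copies, which on real storage can hold further copies that a free-space wipe does not reach.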