Interview with Marcus Ranum
There’s some good stuff in this interview.
There’s enough blame for everyone.
Blame the users who don’t secure their systems and applications.
Blame the vendors who write and distribute insecure shovel-ware.
Blame the sleazebags who make their living infecting innocent people with spyware, or sending spam.
Blame Microsoft for producing an operating system that is bloated and has an ineffective permissions model and poor default configurations.
Blame the IT managers who overrule their security practitioners’ advice and put their systems at risk in the interest of convenience. Etc.
Truly, the only people who deserve a complete helping of blame are the hackers. Let’s not forget that they’re the ones doing this to us. They’re the ones who are annoying an entire planet. They’re the ones who are costing us billions of dollars a year to secure our systems against them. They’re the ones who place their desire for fun ahead of everyone on earth’s desire for peace and [the] right to privacy.