Michael Horowitz has published a list of reasons why the bad guys are winning in IT from the viewpoint of security. He spares no one.
See Computerworld – Michael Horowitz, “Why the bad guys are winning”.
Some of my “favourite” items from his list include:
Of course, all kinds of human frailty are included in the list, and as systems become more complex, human frailty finds more ways to mess up security. My most amazing encounters with human frailty include ordinary users of that other OS who have collected around 100 random “must have” applications from the web, many of them spyware, spamware or worse. Things like insects to replace the pointer in the GUI, or various “security alert” fixes… I have even been called to a GNU/Linux desktop to help install one of these things. Where is the logic in people’s brains which determines that because a PC can run any software it must run all software? That kind of defeats the argument that users seek the best software for the job when there is no job.