A great post today from Asa (one of the Firefox developers):
A couple of months ago, Mike Danseglio, the Program Manager for the Security Solutions group at Microsoft blamed users for the Windows security nightmare, saying “there really is no patch for human stupidity.”
Nice one, Mike.
Actually, Mike, there really is no patch for that kind of blame shifting. We make software and it’s our job to make it work. Designing and building software is an extremely complex process but it is not magic and it is not only possible to make it safe, it’s a requirement.
The makers of internet connected software, primarily browsers and email programs, have created sophisticated platforms for web developers and for those who would do the user harm. Microsoft, with it’s dominance in the browser and email markets, walked away from improving that platform in 2001 and gave the bad guys half a decade — and remember, this is “Internet time”, half a decade to build ever more sophisticated attacks against users.
Check the link above for more.