Then again, does that mean humans have bugs just like computers? That’s a can of worms. Who’s responsible for the bugs?

Anyway, blaming users is not really a good thing, but sometimes it’s just reality. Who’s to blame for someone falling prey to a 419 scam? Is it the person who didn’t know it was a scam, the scammer, or both? I think it’s both. You can’t absolve people of their own actions because they didn’t know they were wrong. I seem to recall that breaking a law because you didn’t know it was illegal is not a way to get out of being punished for breaking it. (At least in the United States.) At the same time, developing software and social engineering tactics to be intentionally misleading and to prey on ignorance is just as bad as the ignorance it preys on.

I remember those Passwords = Underwear posters from all the UMich computing sites (I used to babysit computer sites.) Also, at some point, ResComp (I think) handed out condoms as part of a security promotion. I think that went over badly, or was at least scandalous. I should remember, considering I worked for them… *embarrassed*