Brad Hughes was kind enough to comment on blog post earlier today and he asked a rather interesting question. "Who do you really think is the cause of the social problem of security?"

You know, Brad, that is indeed a good question. I like to say the users, because they fail to take the responsibility they should. You don't drive a car without training ( and a license ) , you don't shoot a rifle without a permit (at least in Norway you don't ) . So why do you attack other users on Internet because of your naivety regarding computer security?

But it isn't necessarily that easy. Exampli gratia we had a debate regarding these applications that dial into an off-shore server for 10 USD a minute. The user blindly click yes to everything that pop up while browsing his favourite porn site or getting a crack for some application. Yet the bill was completely cleared. For some reason people thought this was the telecom's responsibility.

This upset me quite a lot, because if the users themselves doesn't see the consequences of their actions, the situation will never be for the better. Thankfully with the spread of high-speed internet connections many ISPs decide to include a router with a pre-configured firewall, and many ISPs block outgoing port 25 in order to stop spam.

But what does that do for others, that actually have fairly secured system? Well, it affect my quality of service, and I get a higher rate (obviously someone has to pay when someone get 5,000 USD deducted from the bill).

I'm tired of users not taking responsibility, I'm tired of newspapers blaming the ISP. It is your computer, and your responsibility, if you don't have the required knowledge to properly secure it, hire someone that does.