Stop Blaming the Consumer for Security Problems

Computerworld - Information technology security groups continually ask how they can erect stronger walls to keep the barbarians out of their electronic fortresses. Perhaps they should be asking why there are so many barbarians in the first place.
The hordes at the gates aren't mercenaries but an army of unwitting conscripts. Most are consumers -- your neighbors, in-laws and even your kids -- who unknowingly had their computers hijacked by worms, viruses, malicious JavaScript embedded in Web pages they visited, rogue ActiveX controls and a host of other arcane mechanisms that deliver advertising and enable services that vendors are quite sure people need.
When a worm like Mydoom commandeers home PCs and creates a massive denial-of-service attack, the industry and even some tech-savvy users blame the victims for the problem. They say that consumers should have known that an e-mail with a .zip file attachment that was addressed from a friend and passed by their antivirus defenses without a problem was a worm. And that the HTML-formatted message that looked for all the world like a Microsoft Web site page was actually a phishing scam to steal their passwords, or a ploy to install Trojan horses or spyware. The attitude is, "You clicked on that? You moron!"
But let's not forget who created this mess. It wasn't the consumer. A PC connected to the Internet is quite possibly the worst consumer appliance ever invented. In fact, it's not an appliance at all. The Xbox is a consumer appliance. A PC is a general-purpose computing device masquerading as a consumer product. Peel away the colorful Windows veneer, and you have a machine that's overly complex, poorly designed for security and comes packaged with unrealistic expectations.
If you haven't tried to help a frustrated home user recently, you have no idea how bad the situation is. My teenage neighbor came to me with a laptop that wouldn't load the paint program he received for Christmas. Every time he tried to install it, the Windows Installer service would crash. In the course of trying to fix the problem, I ran up against seven viruses and more than 160 spyware and adware files. The system installation was just two months old.
I spent the better part of a day in a determined but unsuccessful effort to clean it before I finally wiped the disk and started over. As I gave my neighbor an hour-long lecture on how to avoid future problems, I saw his confused look and realized how wrong this whole situation is. Why on earth