Usability

For anyone who is interested in looking at some of the reasons why "user" security is such a problem, I would recommend reading Peter Gutmann's draft document at http://www.cs.auckland.ac.nz/~pgut001/pubs/usability.pdf

I don't think that claims of Darwinism in action really stand up to scrutiny when IT people, and particularly IT security people, can't understand that their systems are actually used by genuine human end users.