But is it a mistake if they don't take basic steps to provide basic
protection. In most corporate cases it's the management pushing the coders who create the problems, so they also have to be in the line of fire. But a person or company that releases software with a KNOWN vulnerability are as responsible for it's misuse as the hacker who later uses that hole.
Keep Up with TechRepublic