Well, my example of HBGary was chosen because they were a firm specializing in computer security. But, as shown by Ars Technica (or claimed by Anonymous), they had some pretty bad security failures themselves.
You do have a point about programmers, or to generalize a bit, people who are more technically-inclined than average but who don't care/know about security. I shake my head seeing things like people flashing community-built Android ROMs with signature checks disabled, closed-source rooting tools, sideloaded APKs downloaded from dubious filesharing sites, "curl http://whatever | sh".