The only problem with accusing programmers of negligence in their work because their software can be exploited is determining at which point "due diligence" ends and "criminal negligence" begins. It is not inconcievable that someone could write a program that, at the time of writing, has no known security holes, but is vulnerable to some technique not yet developed. Is the programmer to be blamed for not being clairvoyant?

~Cybercosis

nemo accipere quod non merere