in reply to Re: Re: Security: Technology vs Social Engineering
in thread Security: Technology vs Social Engineering

This is a common discussion at work... No security system is completely error-proof, or has holes in it. It's a matter of where you want to be able to have trust. If you trust your computer and your file system, then it's reasonable to have an encrypted file to store passwords, especially with a relatively strong encryption method such as blowfish. If you *don't* trust your hardware, then methods that you have suggested work better, though storing passwords with a strong password still provides some stability. (Even then, you do change your passwords every other week, right? ...)

----
Zak
Pluralitas non est ponenda sine necessitate - mysql's philosophy

Re: Re: Re: Re: Security: Technology vs Social Engineering
by skyknight (Hermit) on Jul 23, 2003 at 16:40 UTC

    It's a matter of keeping proper perspective. There is no such thing as perfect security, just different levels of diligence. Even though I am incredibly diligent with my security practices, I am still vulnerable.

    Someone could conceivably tamper with my desktop machine at work while I was home for the evening. They could take out the hard drive, attach it to another computer, read its contents, write stuff to its file system, install a keyboard tracer internal to the case so I wouldn't notice it, etc. Of course, this would be an extraordinarily high risk operation for very little reward, and thus it isn't in anyone's interest to try said shenanigans.

    A much more likely attack would be to install software on it were I to let someone sit down at my login prompt and bang away, either intentionally without properly monitoring what they were doing, or accidentally by having someone sneak a session at my desk. Simply locking my workstation when I am away from it takes care of this. Had I missile codes on my machine, more security regarding my hardware would be in order, but as it stands the best someone could do with a password hijacking would be to steal a few thousand dollars from me, or deface my web site, neither of which is worth the kind of resources it would take to pull off such an operation.

Re: Re: Re: Re: Security: Technology vs Social Engineering
by phydeauxarff (Priest) on Jul 24, 2003 at 01:40 UTC
    "No security system is completely error-proof"

    You are absolutely correct...the errors are usually generated by humans ;-)