Pushpa Sathish thinks end users are responsible for botnets. Referring to a recent root DNS DDoS attack, he says:

If you thought the news above was bad, brace yourself, you’re about to hear worse. YOU may have been responsible in part for the attack! Before you go all indignant on me, let me put it across differently. Your computer may have been one in the millions used by hackers to launch the disruption of service, without your knowledge, of course.

Heard of botnets? They’re the armies of zombie computers that have been taken over and are controlled by hackers to perpetrate other heinous crimes on the Internet. If you do not protect your system with adequate measures such as anti-virus software and sensible Internet usage, you leave your doors (Windows?) wide open to hackers. Your computer then becomes the next link in the chain of systems that form a botnet!

Root Cause for the Root Attack – YOU! Pushpa Sathish, Staff Writer, Network Security Journal, 7 Feb 2007

While no doubt end users should be somewhat careful about what they do, suppose we make an analogy to automobiles. If a car manufacturer sold cars that were easy for joyriders to remotely hijack out of your garage at night and drive around without you ever knowing it, who do you think would be liable? You, or the manufacturer?

Seems to me the most relevant part of the above post is the parenthetical remark:

(Windows?)

When will we see software vendor liability like we already see automobile manufacturer liability? That would be some good risk management.

-jsq