Recently I had an email discussion with somebody which left me wordless. It was about some security permissions required to run a piece of software. I mentioned that the default settings grant too many privileges thereby violating the principle of least privilege. Using fewer privileges would be possible without reducing the functionality or user experience. But the person simply didn’t care. I thought that after years and years of security vulnerabilities, all software developers would at least have a sense of the importantance of writing secure software. Am I too naïve in thinking so?