Gunter Ollmann recently spoke at an internal IBM information technology security conference on the subject of “how too good security can become no security”. His argument boils down to the fact that as computer security gets more complicated the end user uses it less effectively. Ollmann also takes issue with the common perspective from security professionals that “there’s no patch for stupidity – i.e. the victim should be blamed because they couldn’t figure it all out and did something they shouldn’t have." His solution is security ergonomics, or designing security that is effectively and efficiently used by the end consumer.