> The difference between "idiot" and "at fault" is huge.
It depends on the environment. In some environments, you will be punished for leaving your valuables unsecured. It is considered bad policy to tolerate idiots that invite thieves.
The meat space equivalent of what this idiot journalist does is illegal in some jurisdictions.
But that would make the person who stole the information no less culpable. Criminals are criminals no matter how easy their victims were to exploit.
On the subject of the author having no credibility because of her insecure practices, she certainly has no credibility as a security expert, but the article isn't a security primer. Its an advocacy piece from the perspective of being a victim of a computer crime, which requires no competency in security. I think her points are valid. In spite of a few high-profile prosecutions, the tech community at large tends to over-romanticize criminal activity in certain areas, and I think that encourages others to participate and perform those kinds of activities. I think there's a vicarious thrill we get when computer criminals demonstrate what we tend to believe: that most computer users are idiots, that most IT departments are inept, that security isn't taken seriously enough, that computer skills tend to be underappreciated, and news organizations are completely oblivious.
It gives all hackers and IT professionals in general a bad name, its just that most of us don't care.