Security people (digital, physical, or otherwise) really need to ask themselves why vast quantities of trivially vulnerable systems are not being taken advantage of, and what that should mean for their threat modelling process
@joepie91 do you mean, like, motive, or something else?
@ChlorideCull The many complex human factors that go into it; that includes motive, but also more fundamental questions like "will people actually take advantage of others by default, like is so commonly claimed"
