Maybe Mrkvonic is asking who is actually attacking whom, as in directly attacking? I don't feel anyone has ever attacked me, personally, in a direct manner whatsoever. Maybe this is what he's getting at? Aren't most exploits just put out there for the majority of end users to stumble upon by chance, and then in that case there's usually a decision made by the potential victim on whether or not to allow the exploit to unleash itself along with its potential payload upon its victim, so this final trigger mechanism is in the hands of the end user? I tend to understand what he's getting at when he implies most exploits are trivial. Very rarely in all the years I've been using a computer have I felt my security setup has actually been responsible for "saving" me from an exploit. The means of avoiding or incurring one has mostly always been in my control.