Cybercrime has changed greatly in the last 30 years. People still hack, but for many different reasons. The rewards available to hackers are much greater, as are the risks. But many of the techniques that hackers employ, both technical and psychological, have not changed at all. Victims still fall for the social engineering tricks and the fake emails. They still write down passwords. Compilers still fail to protect programmers from buffer overruns. Programmers still fail to protect themselves from being vulnerable to database injection attacks. Have we learned anything in 32 years? If so, how much, and is it enough?