If you ask amateurs to act as front-line security personnel, you shouldn't be surprised when you get amateur security.

But in this country, while you have to be competent to pull off a terrorist attack, you don't have to be competent to cause terror. All you need to do is start plotting an attack and - regardless of whether or not you have a viable plan, weapons or even the faintest clue - the media will aid you in terrorizing the entire population.

Security is a process, not a product.

History has taught us: never underestimate the amount of money, time, and effort someone will expend to thwart a security system. It's always better to assume the worst. Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today. When the unexpected happens, you'll be glad you did.

Microsoft knows that reliable software is not cost effective. According to studies, 90% to 95% of all bugs are harmless. They're never discovered by users, and they don't affect performance. It's much cheaper to release buggy software and fix the 5% to 10% of bugs people find and complain about.

Why is it that we all - myself included - believe these stories? Why are we so quick to assume that the TSA is a bunch of jack-booted thugs, officious and arbitrary and drunk with power? It's because everything seems so arbitrary, because there's no accountability or transparency in the DHS.

Secret courts making secret rulings on secret laws, and companies flagrantly lying to consumers about the insecurity of their products and services, undermine the very foundations of our society.