I am regularly asked what the average Internet user can do to ensure his security. My first answer is usually 'Nothing; you're screwed'.

The user's going to pick dancing pigs over security every time.

If someone steals your password, you can change it. But if someone steals your thumbprint, you can't get a new thumb. The failure modes are very different.

Microsoft made a big deal about Windows NT getting a C2 security rating. They were much less forthcoming with the fact that this rating only applied if the computer was not attached to a network and had no network card, and had its floppy drive epoxied shut, and was running on a Compaq 386. Solaris's C2 rating was just as silly.

Technical problems can be remediated. A dishonest corporate culture is much harder to fix.

Liberty requires security without intrusion, security plus privacy.

When a big company lays you off, they often give you a year's salary to 'go pursue a dream.' If you're stupid, you panic and get another job. If you're smart, you take the money and use the time to figure out what you want to do next.