Secure web servers are the equivalent of heavy armoured cars. The problem is, they are being used to transfer rolls of coins and cheques written in crayon by people on park benches to merchants doing business in cardboard boxes from beneath highway bridges. Further, the roads are subject to random detours, anyone with a screwdriver can control the traffic lights, and there are no police.

While travelling near Tampa, Florida I passed the "Jehovah's Witness Assembly Hall" and was struck by the fact that that must be where they make them.

Ability to type on a computer terminal is no guarantee of sanity, intelligence, or common sense.

But it doesn't have to be this way. We can do things better. We need to stop doing business as usual and start focusing on end-to-end quality. Security needs to be built in from the start - not slapped on after the fact.

Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted.

The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards.

The Internet is like a herd of performing elephants with diarrhoea - massive, difficult to re-direct, awe-inspiring, entertaining, and a source of mind-boggling amounts of excrement when you least expect it.