Secure web servers are the equivalent of heavy armoured cars. The problem is, they are being used to transfer rolls of coins and cheques written in crayon by people on park benches to merchants doing business in cardboard boxes from beneath highway bridges. Further, the roads are subject to random detours, anyone with a screwdriver can control the traffic lights, and there are no police.

Ability to type on a computer terminal is no guarantee of sanity, intelligence, or common sense.

The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards. Even then, I wouldn't stake my life on it.

While travelling near Tampa, Florida I passed the "Jehovah's Witness Assembly Hall" and was struck by the fact that that must be where they make them.

People in general are not interested in paying extra for increased safety. At the beginning seat belts cost $200 and nobody bought them.

But it doesn't have to be this way. We can do things better. We need to stop doing business as usual and start focusing on end-to-end quality. Security needs to be built in from the start - not slapped on after the fact.

The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards.