Slashdot Mirror


Microsoft No Longer a 'Laughingstock' of Security?

Toreo asesino writes "In a Q&A with Scott Charney, the vice president of Trustworthy Computing at Microsoft, Charney suggests that security in Microsoft products has moved on from being the 'laughing stock' of the IT industry to something more respectable. He largely attributes this to the new Security Development Lifecycle implemented in development practices nearly six years ago. 'The challenge is really quite often in dealing with unrealistic expectations. We still have vulnerabilities in our code, and we'll never reduce them to zero. So sometimes we will have a vulnerability and people say to me, "So the [Security Development Lifecycle (SDL)] is a failure right?" No it isn't. It was our aspirational goal that the SDL will get rid of every bug.'"


  1. Surprising.. by do_kev · Score: 0, Offtopic

    I'm very surprised by this discussion for two reasons.

    First, nobody has seemed to point out that the man raised over $5,000, and thus his loss wasn't quite as bad as the full $7,500.

    Next and much more importantly, though, the man is making an important statement that police officers do not have the right to invent laws. The entire democratic process is based on police officers and judges having to follow laws that have been established by representatives voted for by the people. To bypass this process and allow police officers to do whatever they want because "it's not that much trouble" only opens the door to abusive law officials. He's out $2,500, for something that is at its root a very worthy case (whether he should have just shown the receipt is a different issue, but I would argue that he is correct, he had no obligation to do so. If we as a society feel that he was obligated to do so, then we as a society should vocalize that we want a law stating this). Why are so many people being so judgemental?