answer "that's a business decision that's up to you, but FROM A SECURITY PERSPECTIVE ..."

I don't know what the OP's particular situation is wrt business perspective --- could it be that the bosses actually are looking at a tradeoff "ship now with internally known security problems, or try to fix them and not ship at all, and fail as a business"? If this is the case, one should probably think how to gradually integrate better security in long-term. Certainly, if there is a criminal negligence going on, then the "ship with known problems" is not an option! It is very easy to over-hype security, but remember that, in the end, it's all down to business bottom line. If you have a supermarket chain with some casual shoplifting happening, sometimes you want to invest $$$ not into more security guards and anti-theft tech that frustrates the customers, but into everything else --- maybe opening a couple of more locations --- and in the end turning more profit from the same investment.

*snort* "Today I found out...", indeed! Pretty old story. Ross Anderson's "Security Engineering" book has this "news" for smth like 5 years already!..http://www.cl.cam.ac.uk/~rja14/book/booksec2.html

Should have been from the security-theater-tickets-proven-expensive dept.

*snort* Reminds me of a 1960s J.Gordon sci-fi novel "Honesty is the best policy".

So the first question should nowadays be:

Have you ever successfully completed a polygraph cheating course? If yes, we won't hire you anyway.

Surely one of those patch Tuesdays will nuke it out of existance? Or the Windows Malicious Software Removal tool? :-)

How is this "you can get a cleartext password in a couple of clicks" is different from, say, kdewallet? With physical access to unlocked wallet you can also ask it to display the cleartext password. This actually helped me once when I forgot my sf password having relied on kdewallet for a while and then I had to retype it on another box.

Unfortunately, not using gmail doesn't mean gmail won't spy on you -- thanks to your helpful correspondents who use gmail themselves, or send a CC to a gmail address. Same with the social networks -- even if you vehemently ignore all the invites, all those helpful enthusiasts that use the networks' spam-invite feature also betray your social graph to whoever mines it.

Yep. And, regarding your "even if they do not decrypt it", I can't help quoting one of my favourite books on security: "The main problem facing the worldâ(TM)s signals intelligence agencies is traffic selection â" how to filter out interesting nuggets from the mass of international phone, fax, email and other traffic. A terrorist who helpfully encrypts his important traffic does this part of the policeâ(TM)s job for them. If the encryption algorithm used is breakable, or if the end systems can be hacked, then the net result is worse than if the traffic had been sent in clear." (See http://www.cl.cam.ac.uk/~rja14/Papers/SEv2-c09.pdf p31)

Thanks a lot for this article, one of the best I've seen on /. recently.