I refuse to bother with the whole security circus in that I think it glorifies – and thus encourages – the wrong behavior. It makes “heroes” out of security people, as if the people who don’t just fix normal bugs aren’t as important.

In fact, all the boring normal bugs are _way_ more important, just because there’s a lot more of them. I don’t think some spectacular security hole should be glorified or cared about as being any more “special” than a random spectacular crash due to bad locking.

…

To me, security is important. But it’s no less important than everything *else* that is also important!