discusses the "catch and patch" cycle of security bugs, introduces some attack types and potential defenses against them, and talks about the technical, psychological, and real-world factors (such as market forces) that stack the odds against secure application development. It also suggests some ways that society, our governments, and we as individuals can help make the Internet more secure.