Is being discussed at work. Interesting criticism here of the basic approach:

http://www.microsoftmonitor.com/archives/001774.html

Whenever I read this kind of thing, it always leaves me with a lot of respect for security professionals – I just don’t have this instinct for trouble.