Is being discussed at work. Interesting criticism here of the basic approach:
http://www.microsoftmonitor.com/archives/001774.html
Whenever I read this kind of thing, it always leaves me with a lot of respect for security professionals – I just don’t have this instinct for trouble.