I hear what you are saying Mack, but from the end user's perspective it doesn't make much difference really. Either your stuff is secure or it isn't, and potentially if everyone else in the world has the same problem it will get fixed sooner rather than later. At least this way we can sidestep vendor lock-in.

Plus the industry tends towards widespread adoption of best-of-breed solutions, or "de facto standards" like Kerberos, DNS, SSL and so on. Lesser players in the security field tend to become historical footnotes rather than bulwarks against widespread exploitation.

No Matt Bryant irrelevant and ill-informed comment???