Given that background, I'm especially impatient with anyone who's quick to criticize those who work for any of the security-related agencies. These people make some pretty amazing sacrifices, like being subjected to intense scrutiny of their personal lives. Unless you've been strapped to a polygraph and grilled on things like your association with non-U.S. citizens, it's impossible for you to appreciate what these individuals give up in order to serve their country.

All of that said, these agencies and their employees have a sacred duty to protect us; consequently, they need to be held to an extraordinarily high standard. They're hardly infallible, so they make mistakes. And when they do, corrective measures need to be taken immediately.

That can be a very complicated endeavor. Take the case of Russell Tice, the NSA whistle-blower who has identified himself as a source for the recent New York Times story that broke the news of the agency eavesdropping on U.S. citizens without a warrant. I don't know whether Tice is the psychotic that the NSA reportedly claims he is, or the courageous patriot that some in the media are making him out to be. I will say that if his motives were noble ones, I have to wonder why he's going to the lengths he is to grab the spotlight. It just goes to show that red, white and blue isn't black and white.

In any case, it's easy for me to call attention to security agency screw-ups now, because while I have nothing to gain, I have nothing to lose, either. So I can't let the Department of Homeland Security news that we covered last week slip by without comment.

Computerworld's Jaikumar Vijayan reported that the DHS is spending US$1.24 million on a project designed to improve the security of open-source software. The money is being paid to Stanford University, Symantec and source-code analysis vendor Coverity to build and maintain a database of bugs they find in open-source apps.