"We have information on security practices out there. The disconnect is that we don't have an intermediary that says how these things apply to you as you build Web 2.0 or other applications," Hoffman said. "Will a nonprofit or some other group arise that tries to publish standards? Probably. We definitely need a central clearing house of good information, because there is a lot of bad information out there."

Are there any articles on Web 2.0 security out there that are not made up of Billy Hoffman quotes? I hope not..