There's the typical mix of good and bad points in this manifesto, but I wish the people willing to sign their names to it had a better record of success implementing the call to action inside their own organizations first:

    We call on software manufacturers to take responsibility for building software that is secure by design and secure by default—engineered to be safe before it ever reaches users—and to publish clear roadmaps showing how they will achieve that goal.