a saved comment on security ethics in a questionable situation

Slashdot ran an email from a senior security engineer lamenting his company's ethics in security auditing. Dan Morrill posted about it, which was my first exposure to it. I posted a comment on his blog, and he sort of lightly guilted me into posting it on my own blog here. Honestly, I had some points in it that I kinda didn't want to just lose to the ether, and instead save them here for myself. So read Slashdot first, then Dan, then my post will make more sense. I will concede points that say