In an article on Salon they have some interesting quotes from Shneier as well as others. I've been preaching this particular little gem of logic for a couple years now:

That's because, according to [Bruce] Schneier, adding strength to your software is not a high-yield proposition: Customers don't go out of their way to pay extra for security, and, as Microsoft's track record has proved, you wouldn't lose much anyway if you shipped software that was hobbled by one or two, or two dozen, major flaws. In the typical software operating license, most software vendors, including Microsoft, disclaim any liability from bugs their software might abet. If Microsoft makes a stupid mistake in its code that makes it easy for someone to come into your home and steal everything you have, Microsoft is not legally responsible for any of your losses. "And until that changes, none of the security will get better," Schneier says.


Get the whole article (you need a Salon Day Pass to read the whole thing - the pass is free):

Salon.com Technology | Dumb software for dumb people