This year saw a number of notable events. The 2002 Sarbanes-Oxley Act, with its harsh penalties for public companies that lack internal data controls, finally kicked in. Phishing proved profitable for fraudsters, and at the expense of big businesses. Spam proliferated, despite federal and state laws that netted a few convictions. Vulnerability management stepped forward with the adoption of the new Application Vulnerability Description Language standard. While patching remained a huge problem, mainly because there seemed to be so many holes to fill, it prompted industry leaders to band together to demand safer software. Meantime, Microsoft unveiled the massive XP Service Pack 2 to demonstrate its commitment to secure software. At the same time, Microsoft’s Internet Explorer became the fave flaw for exploits, prompting an upstart open-source browser, Mozilla’s Firefox, to declare war — and market share. Then there was a national obsession with tamper-proofing e-voting. Here is a sampling of interesting comments that helped define 2004.