It's particularly exciting in Microsoft's PR department at the moment. The company that's doing so much to convince us that it's got Trustworthy Computing as dear to its heart as Dick Cheney's pacemaker is looking down the barrel of a potential two trillion dollar fine. You can read the details in our news story but in brief: MS was hauled over the coals by the Feds for security breaches in its Passport online ID service. It promised -- in writing -- to do it properly in future. This week, another huge hole was discovered that let hackers fake a URL and reset account passwords. The deal with the Federal Trade Commission can potentially incur a $11,000 fine for each user affected, and with some 200 million Passport users -- well, you do the sums. Even by Microsoft's well-heeled standards, that's a major wedge. Of course, it won't come to that. But the lesson is clear: next time Microsoft promises something it's been bad at delivering before, get it in writing with substantial penalty clauses attached. The downside is that institutional investors may start asking awkward questions about company liability when considering MS stock, and while that would normally be an excellent way to make an organisation mend its ways the market's shaky enough right now without this sort of scare. Could one fake URL really mess up the global economy even more? You know the answer to that one as well as I do. I look forward to the day when a recalcitrant rug is the biggest of our worries. Click here to see more of Rupert's diaries.