His writing is elegant. He advocates for elegant and uncomplicated computer security design. His positions are simply, plainly spoken and just make so much sense.
From a recent op-ed on Katrina and the government response:
Funding security based on movie plots looks good on television, and gets people reelected. But there are millions of possible scenarios, and we're going to guess wrong. The billions spent defending airlines are wasted if the terrorists bomb crowded shopping malls instead.
...
Our government's ineptitude in the aftermath of Katrina demonstrates how little we're getting for all our security spending. It's unconscionable that we're wasting our money fingerprinting foreigners, profiling airline passengers, and invading foreign countries while emergency response at home goes underfunded.
...
Katrina deftly illustrated homeland security's biggest challenge: guessing correctly. The solution is to fund security that doesn't rely on guessing. Defending against movie plots doesn't make us appreciably safer. Emergency response does. It lessens the damage and suffering caused by disasters, whether man-made, like 9/11, or nature-made, like Katrina.
More on the "movie plot approach to security in this piece on Wired News.
Read his blog regularly for a clear and IMHO right-on analysis of the difference between programs that provide real security, and those designed to molify voters (Like passenger profiling).