let's just say for the moment that whether it's basic security or 'bitcoin security' doesn't matter. we NEED to provide our community with great guides so that enthusiastic young people, even inexperienced ones, can read them and build according to standard.
and that means the rest of the community can say to them, hey, did you run through part X of our procedure? please publish your results.
i don't imagine something so advanced as a 'test suite' for all sites (impossible, i'm sure), but i do think we could at least start to imagine standards.
Okay, but RULE 1 of the guide is that you are only as secure as your weakest link.
Bitcoinica Hack #1 = probably an inside job at Linode
Bitcoinica Hack #2 = Patrick's email server was compromised, oops!
Bitcoinica Mt.Gox Hack = We didn't change a password Tihan re-used, sorry!
i think it's perfectly sensible to start such a guide with this kind of stuff, although i would drop the conspiratorial tone (even if it proves to be true).
How to make a secure bitcoin application.
CHAP 1: Why is security crucial when making bitcoin applications?
CHAP 1A: Security anecdotes from bitcoin's history (aka Stupid Mistakes)
CHAP 2: Basic server security
CHAP 3: Hot wallets vs Cold Wallets
etc