[tptacek]

These are all interesting points but I think they're not going to matter much. I think that whatever device most people carry around to communicate with in 2030 will be unbreakably encrypted by default, even against attackers so advanced that their quantum computers are handheld.

Forget about what random developers do with crypto. I agree: generalist developers will probably never get reliable crypto right. But they won't have to, just like they don't write their own TCP congestion control algorithms. Every programming environment available will provide unbreakable crypto by default without asking. You'll have to go out of your way not to have it; it'll be like raw sockets, where the environment sort of looks at you weird for even asking.

There are UX issues with strong crypto, but:

1. They're getting sorted out quickly.

2. They tend not to apply to the simplest and most common cases, which are actually the ones that matter most to public policy.