[gravypod]

> How is this not a solved problem?

Because we better understand the threat vectors that are imposed on the company from sloppy IT practices and as such are more willing to take security measures to prevent these things from happening.

We are also, at the same time, too stupid to realize that not everyone want's 5 applications just to encrypt their mail with a PGP key. When we make it so that by logging into a service with a password your browser can derive a private key and public key and use that to sign and send email we will have larger adoption. This will only be the case if it automatic.

Sure it's less secure but less secure is better then unused.