by stouset 3435 days ago
This shit is really easy to armchair quarterback over the Internet where nobody wins and the points don't matter, but the reality is that figuring out how to design crypto applications in a way that keeps users secure without users disabling or ignoring sometimes-important security problems is a very hard problem. In fact, it may very well be the current hardest practical problem in information security.

So yeah, it is actually kind of like rocket science, and I guarantee you that Moxie has spent orders of magnitude more time thinking with, dealing with, and collecting data on this kind of problem than you or I combined.

1 comments

And we're not Moxie's investor meeting or senate hearing committee. This is a layman discussion thread that he decided to join and answer questions in. (Big respect to him for doing that) So I believe even "stupid" questions should be allowed if they increase understanding or bring up new points.

Furthermore, this is an argument via authority[1]. Of course there are experts, but even an expert should explain and discuss his rationale in the interest of sharing knowledge (which Moxie is doing here) - otherwise problems like this will stay "hard" for a long time.

I did not chastise GP for asking questions. I chastised GP for his hubris in looking at this problem for all of five minutes and confidently asserting that he has a simple, obvious solution that somehow a literal expert in the field completely missed, then claiming offhand that the problem isn't "rocket science" when in fact it's, in my estimation, one of the hardest practical problems in the entire field. We know far, far more about building secure theoretical cryptosystems than we do about ensuring actual humans use them in a way that doesn't break the seal and void the warranty, so to speak.

And Moxie has explained his rationale in this thread. Argument to authority isn't always wrong — particularly in the case where the other side has no data or theory to back up their claims. For instance, I personally only know little about the actual mechanisms behind anthropogenic climate change. What I do know supports the notion. But I'd be lying if I didn't acknowledge that the most compelling argument is the absolute agreement by 99.9%+ of the actual experts in the matter.

Likewise, in the absence of any obviously compelling evidence validating GP's approach, combined with Moxie's explanation above and my own experience as a security engineer, I'm going to go with the guy with literally decades of both theoretical and operational experience here.