by flush 3253 days ago
Careful--there is a tendency for engineers to conflate superior technology with the success of a product.

FWIW, many of these negative comments that I read and most remembered as making powerful points happily admitted, as part of the criticism (not a hedge against it), that the security issues inherent in Ethereum are due to the very factors that might have made it successful (such as making web developers think they can now write smart contracts by offering a language that looks like JavaScript and is even as quirky as JavaScript, and sweeping verification under the rug).

I actually see lots of parallels to companies like StackMob, Parse, and Firebase, which launched incredibly insecure "serverless" database products that didn't even support any notion of security and even as they added security would almost encourage "anyone can read and even write all of your data" in the documentation as even mentioning security in a tutorial made the product look hard to use.

But the result, of course, was that there were even companies offering dating apps that even claimed in their marketing "we are actually secure, unlike others", which were listed as featured users on the StackMob website, where you could just dump their entire database--including both offline Facebook access tokens for all the supposedly-anonymous users as well as the entire database of what they were saying to each other in their supposedly-private messages--as it was all public.

The market is fundamentally incapable of optimizing for secure products in the same way it is incapable of optimizing for open products. Both of these properties of a product are too complex for users to analyze and the benefits often come in some difficult to measure effect that happens on some difficult to predict timescale. We need to work on this problem before the "Internet of things" becomes too popular and we hit truly dystopian levels of insecure centrally-controlled products.