[dane-pgp]

To be fair, there's not much that browser makers can do about back end exploits and social engineering. Google aren't in the business of writing back ends for third parties, and it's difficult to know if a website's back end is insecure, so I don't know who you expect to hear "scream", or who they would scream about.

The article is about one practical measure that a browser maker has taken to improve the piece of user-facing software that they are responsible for, and some users of that software are applauding this improvement.

Having said that, I do accept your over all point that there is a lot of other work that still needs to be done in securing the web. As you suggest, that's not going to be easy, but let's not fail to fix the things that we can fix already.