[tptacek]

They can be argued with, easily. But we don't reach that argument, because it has nothing to do with safety. You make choices in favor of "federation" and "progress" because your life is not on the line when you send messages. That's fair! Most people's lives aren't on the line! But when we talk about messaging security, we have to consider the users for whom secure messaging is intended: people who really are entrusting their lives to software.

It's helpful to compare secure messaging to medical software. If we were talking about the software that controls the radiotherapy machine, no rational person would would have any priority other than safety. But of course almost nobody interacts with radiotherapy software, and everyone interacts with messaging software, so it's hard to see the connection. But it is there.

[sergiosgc]

So, it is not about ergonomics or any other argument, except for security in an undisputed altar. I disagree with the principle, but personal principles are not challengeable. We'll have to disagree.

Just keep in mind this principle is personal, not shared with you by everyone. For example, I distrust security by central organizations, like Signal.org. They're an amazing target for bad actors.

[tptacek]

Correct: in this particular problem domain, safety is the overwhelming priority, just like we don't care about the UX framework or the open source-ness of radiotherapy machines.

[sheepdestroyer]

You should care about opensourceness of personal medical devices like pacemakers and insuline pumps though. Precisely for safety concerns.

[skrebbel]

Haha this comment must be maximum HN. Hats off!