I agree. This is why Apple is offering ‘login with Apple’. It’s safer than entering credentials.
> this happens all the time.
No it doesn’t. There are a few rare cases, but many more are stopped by review.
> Having some contractor spend a few hours poking at the GUI doesn't mean consumers aren't required to be responsible.
No, but almost nobody is dealing with SSH keys, and those who are should know how to deal with them.
These are consumer devices - if you need a device you can inspect the source for, these are not for you, but clearly almost nobody can do that.
I agree. This is why Apple is offering ‘login with Apple’. It’s safer than entering credentials.
> this happens all the time.
No it doesn’t. There are a few rare cases, but many more are stopped by review.
> Having some contractor spend a few hours poking at the GUI doesn't mean consumers aren't required to be responsible.
No, but almost nobody is dealing with SSH keys, and those who are should know how to deal with them.
These are consumer devices - if you need a device you can inspect the source for, these are not for you, but clearly almost nobody can do that.