[notriddle]

> Not that I don't appreciate a security-minded platform, it just seems overkill for 99% of the people who'll purchase them

No man is an island. If my mom is insecure, then all the messages I sent her are leaked, too, no matter how secure I try to be. If my boss is insecure, then I'm even worse off than that.

Also, if high-security stuff is normalized, then you don't wind up stuck in a place where you have to choose between "the secure option" and "the option that can actually run the apps I need." E2E encrypting the whole world is also the best defense against the government passing laws that make E2E encryption illegal.

[smoldesu]

>E2E encrypting the whole world is also the best defense against the government passing laws that make E2E encryption illegal.

The government doesn't need to pass laws to ban encryption (at least in America) since they design the encryption standards themselves. It's basically common knowledge at this point that everything NIST cranks out is vulnerable to differential cryptanalysis beyond the domain of public understanding. Apple, Google, Facebook and the other top dogs all help create the illusion of choice in exchange for keeping the SEC off their backs.

[notriddle]

>It's basically common knowledge at this point

What is asserted without evidence can be dismissed without evidence.

And what's really annoying is that you are doing a bad job of arguing for a position that I actually kinda agree with. NIST has published a backdoored elliptic curve-based RNG[1]; don't trust them. Encryption algorithms need some sort of verifiable provenance for where those numbers came from.

[1]: https://en.wikipedia.org/wiki/Dual_EC_DRBG

[judge2020]

On that note, it's unfortunate that T2 can only create ecdsa-sha2-nistp256 secret keys. Right now I use Secretive but I might resort to a different utility that generates ed25519 and stores it within keychain, if there is one.