| ▲ | fsflover 2 days ago | |
> people who don't want a strong security model can use something else You have a very special threat model, which you for some reason always call the best or the only one reasonable. In reality, depending on the user's threat model, your approach can fail miserably. For example, if my threat model includes that Google can utilize their control over the hardware to undermine my security, then your approach fails [0]. And this is a real-world example. Don't get me wrong, I still agree that your approach is very secure, it should exist, and you're doing an amazing job for the Community. Just that you shouldn't behave as it's the only viable one. | ||