- no, I don't need protections for the side channel, I never asked for them
- no, I don't need a unique identifier, who is the demented person who asked you for it
- no, I am not going to glitch the power supply, and even if I did it means I am interested in doing it and wish it worked instead I was prevented from doing it
- no, I don't care at all about having a hw store for certificates, which are ephemeral and dropped from above anyway so what am I supposed to trust?
- and so on
"not secure by design" nowadays comes close to being a coveted feature
People fought against that and actually won, 23 years ago: https://news.ycombinator.com/item?id=10106870
Unfortunately, that may have been the only victory, as they slowly started introducing a lot of other stuff silently under the guise of "security".
"not secure by design" nowadays comes close to being a coveted feature
Absolutely. As the saying goes, "insecurity is freedom".