I was just embroiled in a dispute with someone who is selling security related software that refuses to address key issues with their security model. I think the situation is probably similar here, software engineers that have the best of intentions but simply lack the expertise to properly execute. Most programmers are engineers who are perfectly capable of building out a working system. However, when it comes to security related software, it's not good enough for something to just work, you have to be able to have a deep understanding of how every component interacts with the larger system.

Lol, users don't understand certificates and I doubt that most geeks are capable of managing them.

This has nothing to do with HTTPS, it's the ability for the service provider to spoof the UI of the Javascript PGP client.

There are usable and secure E2E email clients, but they require a separation between the messaging system and the software used to retrieve it. With traditional software distribution, we can rely on reproducible builds and security audits to increase the cost of backdooring software. On the web, each provider can deliver a custom (backdoored) version of their software to the target on demand.

It's in TFA.

This has nothing to do with HTTPS, it's aimed at PGP and OTR clients that are bolted onto web interfaces. The problem is that these interfaces can be spoofed.

It's based on a decade of research, the 90% figure comes from actual behavioral studies in which researchers asked participants to login to their bank accounts and removed the "site-authentication" image.

Eventually the METAL Linux kernel module (C -> JS + asm.js) will boost overall processing speeds by ~4%.

I'm sorry, but this is the same argument that people made against Java in the 90's, when Java was a few orders of magnitude slower. But as time went on, the total percentage that the computational overhead took up dropped to less than 1% because the hardware got faster. Java's success shows that developer convenience is a very powerful thing.

Carefully avoiding all known patents puts them into a better position, even if the position is just a smaller number of patents.

I think there are two distinct worlds, people who handle the distribution of video and content creators. For content creators, they need highly polished GUIs ... like those provided by Final Cut Pro and iMovie. There are also batch video conversion tools that are entirely oriented around the GUI.

I actually read through some of the patents Nokia was threatening VP8/9 with and they really are not sophisticated at all, they are just written in the most confusing possible way. For example, the following paragraph is from a Nokia patent that basically describes the selection of neighboring pixels:

I was planning on busting all of the Nokia patents myself, but then I got busy :p

Bonus: This Film is Not Yet Rated is on YouTube.

After seeing the blatant and pointless censorship pushed by the movie industry's version of the ESRB, all I can say is that I hope he does as much damaage as possible.