Try an energy link and go check CVEs using the string openssh for starters. Kernel? No. All the crap in the back? Oh, yeah.
Some kids will become good and responsible coders, but not all kids. Some will be artists, musicians, mechanics, farmers, etc., and for the rest of the world that doesn't code, a heavy responsibility is placed on the FOSS community to do code reviews.
People don't compile at all. They download binaries, and they don't know the difference between an MD5, a SHA-x and a hole in the ground. Binaries therefore need special protection. Open Source doesn't mean anyone's actually looking at the code, and there needs to be peer review on critical components given with distros, but this isn't guaranteed to happen. Instead, there's an incredible bloat of stuff that we HOPE is good. An actual process might be better. What kind? Something more than Linus yelling at you.
I would agree with you, but we need to train them first so as to avoid the problems associated with the usual tech support issues. There are many that could easily qualify, including token devices, session-based tokens, even anonymized public keys. Many choices.
But businesses don't want the overhead, and no one seems to get punished except----> users when the info is breached or misused in any way. Nobody seems to get punished.
"Locks keep your friends out; your enemies have pick tools".
You can make anything up you want, but changing them frequently is the key to killing their usefulness when there are bulk thefts of passwords. These things go undetected for months. If you'd changed already, you're good-- unless the crack gets the deltas, too, which is unlikely.
Stupid passwords will still be stupid, but no use to go to incredible lengths unless your keys are extremely valuable-- then go to a Yubikey or another secondary auth. Key age is probably more critical than its ability to be dictionary attacked, IMHO.
Liberty exists rarely, anywhere.
You see, it might be Dubai, but the software will be perfected there, and it will migrate elsewhere. Slowly, it becomes acceptable in a conventional sense. Then it becomes "the norm".
A thousand cuts..... then a million.
Already here. One more intake method.
Depends on the jurisdiction and the procedures used THERE. How many stories about languishing in jails do you need to become reviled at the concept?
You forgot to mention the necessary sense of walking around: liberty. Even if you're a "positive", what of due process? Will you land in a jail, await a long process? How and who guarantees that you'll be then excluded if you're falsely positive? It's a slippery slope. Google has opened a Pandora's box of paranoia.
Will people stop traveling in fear of false-positives? Where are governments permitted to gnaw on their citizenry, privacy death by a thousand cuts?
Oh, the persecution complex, a martyr for ostensible blindness in capitalism maybe?
None of this is tough, and there is no science fiction, and the post cites oh, 10 CVEs in four years. My underwear has more than 10 CVEs in the past four years.
So maimed are these Tea Party software sweatshirt-wearing jokers that they're taking their bruised asses into BSD, and any place, anyplace but Linux.
No, they don't tell you about any of the actual features, they just cite covering their system's butts cause they can't kill -1. You can still hobby, still futz, still cobble with Linux. And you can run huge multi-core systems with very complex (o)virting, docker, ad infinitum while you learned a few new dependencies.
Those that compare all this to WIndows 9 know neither Linux or WIndows to make such an abrupt comparison. Adoption? It's not science fiction folks. It has similarities to how Solaris has evolved, and you can take a look at Solaris for some of the roots about WHY systemd. Go ahead and initd if you want. Nobody's stopping you. RH, Deb, etc, didn't pick this because it was stupid, or because they're part of a herd. All of them have strong egos, and they picked systemd because it's so NOT 1986.
For other reasons, I'd recommend against.
1) why raise a red flag (sorry for the pun)
2) gmail reads all your stuff and sells the keywords to the highest/best bidder, so your privacy is zippo
3) yes, a good POP3 provider can also reel-in mail from other accounts and become a personal email center.
4) most of the spam I get desiring replies uses gmail, so training them not to respond to gmail users might be tough; they need training in general and you need to do that first and foremost before making decisions about what method you want to use.
5) two-factor authentication is likely beyond their capacity to understand. I'd make this one really simple. Use an auto-updating Linux (like Mint), then setup a menu with few choices. Nothing Windows, and if you send a Mac, be sure it can be supported in their locale.
But there's no fingerprint, not picture, nothing to feed to big data some place. There must be control. Having a child outside of the system means an aberration. We must have no aberration. All must be tracked. There might be as much as $2.20 in theft! Imagine-- not eating those nutritious lunches, packed with carbs and "brain food"!
I've been fond of "up the system". Fingerprints. Yeesh.
And worse, Amazon pimps the Fire Sale Phone with that all time, well-loved and respected AT&T-- champion of all that is holy and moral in telephony.
The incentive to find the boundaries of what kills your clientele and what just makes them gnash their teeth but return is becoming a science of profitable intolerance.
Bribed legislatures have trashed consumer protection laws or made them ignore updating them. It's almost like large organizations have voting rights. But nobody cards them at the polls if the campaign contributions are fat enough.