>
And there is the real flaw: not the use of passwords, but the silly notion that average people should memorize them. WRITE THE DAMN THINGS DOWN!
Write them down, then what? It needs to be secure, you don't want someone else getting their hands on your password. It needs to be accessible, you may want to access that site on the go.
Beyond that, for the average user convenience will kill that idea quite quickly. After a few times of "I lost the damn paper" or "I left it in my other pants" etc... they will decide it's simply too much of a hassle and go back to their familiar memorized passwords.
For instance a month or 2 back, jailbreakers were able to just visit a website through mobile safari and execute one exploit after another to compromise the entire system and install unapproved software like Cydia. That's a rare alignment of exploits, but who can really say it won't happen again via a malicious attacker?
The most amusing part of that was walking through the local Apple store and noticing Cydia on one of the iphones. Checked the rest of them and realized someone had gone around and jailbroken every iphone in the store, I got a good laugh out of that.
All sarcasm aside if GP is referring to the incident I'm thinking of that was only because people never changed the root password after jailbreaking. More recently with the iOS PDF exploit tools to help users protect themselves were available to jailbroken users 3 days after it was widely known (release of Jailbreakme.com which used the exploit). "Jailed" devices had to wait for a fix from Apple which came 10 days after. This is still a good response time and should not be taken as a bash on Apple, it does illustrate that assuming jailbroken automatically means less secure is wrong.
And I bet the 'uninstall' process involves reflashing the device, too.
I applaud your optimism but I suspect the uninstall process may require a good-sized hammer.
Our OS who art in CPU, UNIX be thy name. Thy programs run, thy syscalls done, In kernel as it is in user!