
Comment Re:No [Or I hope not?] (Score 1) 65

Could, may, etc. do not make for useful predictions. And while resilience to hardware failure sounds nice, the things degraded by ageing are the higher-power elements, like com line drivers. These give you full-chip loss and they are relatively homogeneous in effect, i.e. they will take out almost all your hardware in a relatively short time.

On the minus side, LLM results look less and less valuable every day as actual research (not just gut feelings and hype) starts to roll in.

Comment Re:Do not trust "quantum safe" encryption (Score 1) 35

In theory, your professor was right. In practice, not so much. The thing is, theory requires perfect proofs. Practice only "good enough" ones. (We will ignore that the one-time-pad is mathematically proven secure, because it has little practical relevance...)

So the state of things is that ElGamal has a security proof relying on an unproven assumption that is very likely true. RSA is much weaker on the theory side and current block ciphers or crypto-hashes are even weaker on the proof side.

As to QC, the problem is that effort seems to scale exponentially with qubit numbers and (!) computation length. That means there are not very large sizes of computations they will never scale to. And, for example, doing RSA 40960 (i.e. 10x larger than the largest typically used today) is not that much of a problem. The second problem is that there is no quantum computation in existence that actually conclusively proves it even works. The theory may well turn out to be a tiny bit inexact and then everything fails. And "quantum insecure" does not matter one bit if the machine for it cannot be built.

As to QC algorithms, block ciphers are safe, hash functions are safe, some other things may be as well. The reason is the compute mechanism cannot really break them (half bit length for block-ciphers, for example, still completely infeasible to attack if that is 100 bits remaining or so).

Comment Re:Looks like LLM-assisted attacks become noticeab (Score 1) 10

Not yet. This would require some level of AI "agent" collaboration that is not really possible at this time without breaking basically everything. But model poisoning is already very feasible and probably done in practice, especially as the amount of poisoned training data needed does not seem to be large.

Comment Do not trust "quantum safe" encryption (Score 1) 35

It is not old enough and may still fail with catastrophic weaknesses. The way to go for new products is to use hybrid encryption, where a successful attack requires breaking both a quantum safe algorithm and a classical (good) one. Or, if you can, stay classical, since Quantum Computers are very, very, very, very far removed from being able to break any real encryption. In fact, after more than 50 years of research, these "machines" can factor 29 currently (well, one could and that was with moderate cheating as it was not with the general algorithm, but with one specifically adapted to factor 29). For reference, that is 5 bit. Current RSA recommendations are 2048 bit or longer and 4096 for long-term security. If they keep doubling these bits every 50 years (which is a really big "if"), RSA 2048 will be within reach in about 400 years.
