Chris Were 🐧 is a user on You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

@ChrisWere Why don’t the authors advocate also that “the only safe web page is text-only page”? Many of their arguments apply.

Why don’t they mention PGP? If origin of an email cannot be verified, then why bother reading it at all?

@KrzysiekJ Plain text websites would certainly be less user friendly, but I suppose outside of that you could. I think the general idea is that if you keep things simple it's easier to spot the smoke and mirrors.

Chris Were 🐧 @ChrisWere

@KrzysiekJ The absurd amounts of JavaScript we see on the web today could definitely be seen as an issue of security.

The article does imply security also ought to be user friendly, most people don't have a clue what PGP is. That's not to say we shouldn't encrypt, just that people's general lack of awareness is an inherent additional security risk, so in that way, the simplicity of plain text forces people to pay attention to what links they follow.