by Karl Denninger
I’ve been under an NDA and thus couldn’t post this for a while, but with the now-released Marshmallow update for the Priv BlackBerry has elevated itself to being the only Android-based smartphone you can purchase if you have any concern for actual security.
Let me explain.
Security is always a balance between hassle and safety.
That is, you can always design an extremely secure paradigm for something, but as you do so the hassle factor tends to increase. At a certain point people say “**** it” and start cheating. This is why “password re-use rules” tend to get violated by the user putting a sticky note on their terminal, for example; if you say “must be 10+ character, must contain at least one number, one special character and both upper and lower case alpha, and must not be any of the last 10 passwords” you’re inviting the user to write it down.