"Properly implemented" is doing the heavy lifting in that sentence.
Four paragraphs down from your quote is this:
Their attacks ranged from integrity violations affecting specific, targeted user vaults to the complete compromise of all vaults within an organisation using the service. In most cases, the researchers were able to gain access to the passwords – and even make changes to them.
If E2EE were properly implemented, the above would be impossible.
This is what Bitwarden claims to do, and yet we have a paper showing that with a compromised server there exists a vulnerability.
Natura's research reactor is designed to first prove the LFMSR concept at megawatt scale, then be converted to prove that MSR reactors can reprocess existing nuclear waste as a percentage of its fuel. Which means we could take all of the current stockpile of nuclear waste and re-burn it to the point that it's 90% consumed (instead of 5% consumed today) and leave a waste product that decays to safe levels extremely quickly (tens of years).
Sure, but at the end of the day even if you don't update your vaultwarden server or you rely on an insecure storage sync system like dropbox, your actual vault is encrypted with a key that only you know. Even if your server is hacked or the kdbx is leaked, your passwords are safe until someone breaks AES.
Contrast that with hosted services, who could very easily attach their own keys to your encryption key (whether now or in the future at the behest of the state) and you'd be none the wiser. E2EE doesn't matter much when the other end is controlled by someone else.
I'm not disagreeing that most people just want something to work without thinking about, and for that reason I'm glad that services like bitwarden and lastpass and protonpass exist. My intent was not FUD, just shining a light on the fact that keeping your passwords secure does not require trusting a company.
tl;dr:
and an observation or two:
What would the book version read like?
Speaking of, does anyone know of a Lemmy android client that allows hiding posts from new accounts? Boost doesn't do it and it's also a bit buggy. Bonus points if available on F-Droid
Okay well have you tried the BLAMMO GFY-AYM2? Half the price and now with 50% less spyware!
That rabbit's dynamite!
Sure, and to be clear I mean a liberty and peace that includes everyone that has historically been marginalized and abused by this nation's governments and by people who think they're superior to everyone else.
The problem with a melting pot (particularly one that was started by murdering and stealing land from a continent's worth of indigenous people) is that it puts bigots right next to the people they hate.
The benefit of a melting pot is that if the incoming generation can avoid being programmed into hatred by their parents, society trends toward true equality and equity.
I'm trying to maintain optimism that this current extreme escalation is the flailing death throes of a generation raised into bigotry and self-aggrandization, and that we'll come out the other side of this being a better society (the younger generations today are so much more openly altruistic and progressive on the whole).
In a sane world, any one of the atrocities would be enough to put a stop to these people.
In a realistic world, shining a light on all these different atrocities would be sufficient to convince enough people to protest/threaten the power of the spineless patricians who refuse to convict and remove the fascists from power. For example if Billy Bob the redneck says "I'm fine with kidnapping brown people but fiddling kids is too far!" then Epstein might convince him to support impeachment/removal.
In the current clown world we live in, nothing that the fascists say or do will un-brainwash their base, and somehow that's enough to prevent everyone else from making a cohesive stand against the evil.
So to answer your question: no, it's not worse. It's a desperate attempt to make something start tipping the scale back toward liberty and peace.
Imagine recommending Stremio when Jellyfin exists (you can use torrentio with Jellyfin as well).