> If you force them to actively install a backdoor then you increase the costs of attacking greatly.
I think that it's my fault, but I can't understand this sentence. Doesn't forcing someone to install a backdoor decrease security? The only reading that makes sense to me is "If you make it so that it's user action, rather than inaction, that results in the installation of a backdoor …"?
(For what it's worth, although I disagree with you, I respect your dedication to arguing this determinedly but civilly.)
What I meant was: "if you force an attacker who obtains a one-off copy of a password (perhaps overheard) to actively install a backdoor (in order to have the capability to perform an attack at some later time - as opposed to being able to passively maintain that capability by simply remembering that person's password pattern) then you increase the costs of attacking greatly"
I think that it's my fault, but I can't understand this sentence. Doesn't forcing someone to install a backdoor decrease security? The only reading that makes sense to me is "If you make it so that it's user action, rather than inaction, that results in the installation of a backdoor …"?
(For what it's worth, although I disagree with you, I respect your dedication to arguing this determinedly but civilly.)