Re: I disagree.
"Here's the real crux, security is not sexy to the general populace, it's a matter of need, but it's implementation is largely done by people with knowledge. Look at something as common as TLS and the now defunct SSL. To a general user, this just "works", but have you actually ever setup a CA and pushed that out to more than 1 or systems? It's an effort."
More than that. It's a matter of TRUST. SSL and TLS both depend on certificates, which in the general use case have to rely on Certificate Authorities. Which means essentially Alice and Bob have to trust Trent. Thing is, sometimes Trent is really Mallory (or more often Gene), so you're back into DTA mode.
Making SSL/TLS "just work" requires a level of trust that in today's world could be considered ill-placed. And people are getting sick and tired of all the hoop-jumping. Go back to the front door. A burglar can just kick the door down, but trying to guard against it is too much hassle for the ordinary person to deal with. Yet people complain about break-ins at the same time, which means customers are demanding the impossible: something that's too easy to break and yet too tough to go through everyday.
Or in a nutshell, "Not Enough is Too Much."