It doesn’t matter, why the present is garbage, it’s garbage and we should address that. Statements like this are the engineering equivalent of “it is what it is shrug emoji”.
I don’t think your opinion is grounded on reality. The “it is what it is” actually reflects the facts that there is no way to fix the issue in backwards-compatible ways, and it’s unrealistic to believe that vulnerable frameworks/websites/webservices can be updated in a moment’s notice, or even at all. This fact is mentioned in the article. Those which can be updated already moved onto a proper authentication scheme. Those who didn’t have to continue to work after users upgrade their browser.
A lot of the web used to run on flash. Then apple comes around and says “flash is terrible and insecure”. Within a number of years everything moved away from flash, so it’s definitely possible to force the web in new directions.
I don’t think your opinion is grounded on reality. The “it is what it is” actually reflects the facts that there is no way to fix the issue in backwards-compatible ways, and it’s unrealistic to believe that vulnerable frameworks/websites/webservices can be updated in a moment’s notice, or even at all. This fact is mentioned in the article. Those which can be updated already moved onto a proper authentication scheme. Those who didn’t have to continue to work after users upgrade their browser.
A lot of the web used to run on flash. Then apple comes around and says “flash is terrible and insecure”. Within a number of years everything moved away from flash, so it’s definitely possible to force the web in new directions.
And most old Flash content is basically gone now.