There are no silver bullets for now, so one needs to design the system with the knowledge that any nontransparent security will be made insecure by the users.
What does that mean in practical terms? It depends. It can sometimes mean moving the question of validation to a third party. It can sometimes mean multilayer security, so once the first line of security features goes down, the damage done can easily be reverted. It can even be insurance against liability so the user's security mistakes do not damage the user. In some cases, one could have a complex revalidation system instead of a complex validation system, so that it is only when a user switches a device (say a phone) that all the non-transparent security will show itself. It all depends on the exact details and what the exact threat model is and who the intended user is.
This is why, in my mind, articles like this one are missing the point. They are trying to announce a silver bullet, when such a thing does not yet exist even in theory.