>Security people (and armchair security people especially) think that security is the end goal.
This only seems to be your mistaken perception of what security people think. I'm a security analyst and I've never met anyone in my industry that believes that security is a goal that can be achieved. Security is a process that will never end.
>I don't think that this is a case where you want to trade off security for usability, and I don't think that generally those cases exist. You always want more usability.
If you believe that security is always a tradeoff(which you stated) and you believe that there is never a situation where you would want to make such a tradeoff, you are basically saying that there is never a situation where you would want security, which is ridiculous. There is always a balance between usability and security. In most cases, the scales will tip towards usability by a large margin, but there are times where a significant hit to usability in the name of security is the right decision.
This only seems to be your mistaken perception of what security people think. I'm a security analyst and I've never met anyone in my industry that believes that security is a goal that can be achieved. Security is a process that will never end.
>I don't think that this is a case where you want to trade off security for usability, and I don't think that generally those cases exist. You always want more usability.
If you believe that security is always a tradeoff(which you stated) and you believe that there is never a situation where you would want to make such a tradeoff, you are basically saying that there is never a situation where you would want security, which is ridiculous. There is always a balance between usability and security. In most cases, the scales will tip towards usability by a large margin, but there are times where a significant hit to usability in the name of security is the right decision.