To me the difficulty is more with writing generic code and maintaining abstraction boundaries. Unless the language provides a way to generalise over asyncness of functions, we need a combinatorial explosion of async variants of generic functions. Consider a simple filter algorithm it needs versions for: (synchronous vs asynchronous iterator) times (synchronous vs asynchronous predicate). We end up with a pragmatic but ugly solution: provide 2 versions of each algorithm: an async and a sync, and force the user of the async one to wrap their synchronous arguments.

Similarly changing some implementation detail of a function might change it from a synchronous to an asynchronous function, and this change must now propagate through the entire call chain (or the function must start its own async runtime). Again we end up in a place where the most future proof promise to give for an abstraction barrier is to mark everything as async.

Iphone 7 got an iOS update to 15.7.7 in 2023 and its truststore contains the ISRG Root X1 certificate: https://support.apple.com/en-gb/HT212773 I am unsure which apps you cannot install but a quick look in the app store indicates that Zoom, LinkedIn, Notability, 1Password, Disney+ and Netflix all support iOS 15.7. And in my anecdotal experience I could find no app with a minimum OS requirement greater than 15.7. As far as I can tell you need to go back to iPhone 4S to find an iphone which does not support the LetsEncrypt root certificate. That device is only 11 years old, so still worse than your Android device. And I do not think there is a workaround by using a different browser like for Android.

Or they should if they are web facing. For security reasons at least.

I do not think I have a point, you just made me remember some fun and dreadful moments.

As for 70 bits password, it might be enough, but you need a lot of iterations (2^58) if you want to completely make up for the lost security margin. Which will also be unusably slow in practice.

[1] 28 characters in a single case, 23 characters if both upper and lower case are used, 22 characters if you include numbers, 12 words if you use a word list of 2000 words and sample uniformly

As an aside(since you used him for the author) I found it interesting that the author (according to her LinkedIn profile) is a woman. My initial prejudice was that giving so much more than everything to your work sounded like something that is only possible if you have a partner taking care of everything at home. And I immediately assumed this must be due to traditional family roles.

Unless you fine the company enough for it to go into bankruptcy in which case the shareholders are protected by limited liability and the creditors take the hit instead. But the bankruptcy angle is completely irrelevant to this case, none of the fines considered are close yo bankrupting Google.

* Under MAR confidential information is not necessarily inside information, as one of the prerequisites for the information to be inside information it must be likely that it has a significant effect on the price of a financial instrument if made public.

If the problem was about enforcing a signature, you do not need a blockchain, each party to a contract can just store the cryptographic signature themselves or with one or more trusted custodians. That is a fundamental feature of cryptographic signatures not blockchains. And then you need some mapping from legal entities to public keys, but this might as well be a centralized database run by the government (potentially outsourced to a private contractor), after all in many jurisdictions the government already keeps a list of legal entities and metadata about them.

It might very well be that it is preferable to the organization as a whole to sacrifice a bit of productivity everywhere for less burden on IT. But IMHO it should not be a decision which the IT department can make in isolation.