pull down to refresh

Watched the clip from the Fosscon on the link. Is openssh is still considered to be a big security problem?
Not sure what to think of it all, he seems to be conscious of walking a line between practicality and acknowledging that the protocol should not be changed whimsically, which is a lot better than I can say for the days of Roger Verr and co. But still. Hmmm.