Not sure if those points are still relevant
Probably the best fast way to get an intuition for this is to realize that Shamir Secret Sharing is literally a generalization of the One Time Pad to support N of M threshold security and so it shares in common much of the same "theoretically perfect", "insecure in practice", and "highly appealing to people who don't know better" properties.
Of course, there are places to use it (especially embedded inside other systems), but unfortunately most of the interest comes from places where it doesn't make sense and this reality is reflected in the software.
But sometimes you just have to write down passwords. You can use a password manager, but then you need to guard the master password. You can use a TPM with a PIN, but what if you lose the PIN or get hit by a bus or the TPM gets fried?
So either you write down the whole password in at least one place, or you write down shards. Shards seem safer.
The added threshold part is often not easy to justify vs. something like having two factors (data and key) and backups of each.
It's also the case that my link is specific to Bitcoin where there are really good alternatives.
All the fault information there is in software people would have gone and downloaded instead of "rolling their own".
It's not like cryptography software is a magical gift from the gods; someone wrote it.
And often the people writing SSS software do not do a good job, partially because the properties that SSS by itself provides are not very useful and if they were thinking carefully they wouldn't write it at all.
I've been trying to come up with a good way to give my loved ones access to my KeePass vault in case I am incapacitated/dead. ssss for the password isn't great because I don't want something complicated and error prone.
My usual method for syncing my vault is to use Google Drive and this method would work well with this since I can just give said family members access to the encrypted vault but send the keys individually. Since I don't rotate the password on this vault, these partial keys only need to be sent once.
I don't need anything too complicated. I just need to be able to set it up such that any two of my trusted loved ones can access this vault in an emergency.
My use case was that I need to encrypt/decrypt private keys on an offline device, and I wanted a single file "program" that runs on any device.
Taking the message bytes (starting at byte 23), you can run a frequency analysis and recover any sufficiently long English message from a single shard.
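As an added example (not code from any commenter or from the software discussed in this thread), here is a minimal Shamir Secret Sharing implementation over GF(2^8), applied byte-wise, which ties together three points made above: the one-time-pad analogy (with threshold t, any t-1 shares are uniformly random and independent of the secret), the "any two of N loved ones can open the vault" use case (a 2-of-3 split of a password), and the single-shard leak complaint (a correct scheme draws fresh random polynomial coefficients for every byte, so one shard of a long English message carries no frequency information). The field arithmetic uses the AES reduction polynomial; the share format (first byte is the x-coordinate, the rest are y-values) and the sample password are assumptions for illustration.

```python
"""Byte-wise Shamir Secret Sharing over GF(2^8). Added example, not the thread's code."""
import secrets

# --- GF(2^8) arithmetic, reduction polynomial x^8 + x^4 + x^3 + x + 1 (0x11B) ---

def gf_mul(a: int, b: int) -> int:
    """Multiply two field elements (Russian-peasant style)."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B  # reduce modulo the AES polynomial
        b >>= 1
    return p

def gf_inv(a: int) -> int:
    """Multiplicative inverse: a^254, since the multiplicative group has order 255."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^8)")
    result, base, exp = 1, a, 254
    while exp:
        if exp & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        exp >>= 1
    return result

def eval_poly(coeffs, x: int) -> int:
    """Horner evaluation; coeffs[0] is the constant term (the secret byte)."""
    acc = 0
    for c in reversed(coeffs):
        acc = gf_mul(acc, x) ^ c
    return acc

# --- sharing and recovery ---

def split(secret: bytes, threshold: int, n: int, rng=secrets.token_bytes):
    """Split `secret` into n shares, any `threshold` of which recover it.

    Share format (assumed for this example): share[0] is the x-coordinate
    (1..n), share[1:] holds one y-value per secret byte.
    """
    if not 1 <= threshold <= n <= 255:
        raise ValueError("need 1 <= threshold <= n <= 255")
    shares = [bytearray([x]) for x in range(1, n + 1)]
    for s in secret:
        # Fresh random coefficients for EVERY byte: this is what makes a
        # below-threshold set of shares independent of the plaintext.
        coeffs = [s] + list(rng(threshold - 1))
        for share in shares:
            share.append(eval_poly(coeffs, share[0]))
    return [bytes(sh) for sh in shares]

def combine(shares) -> bytes:
    """Lagrange-interpolate the polynomial at x=0 for each byte position."""
    xs = [sh[0] for sh in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share x-coordinate")
    out = bytearray()
    for i in range(1, len(shares[0])):
        s = 0
        for j, xj in enumerate(xs):
            # basis polynomial l_j(0) = prod_{m != j} x_m / (x_m - x_j); in
            # characteristic 2, subtraction is XOR
            num = den = 1
            for m, xm in enumerate(xs):
                if m != j:
                    num = gf_mul(num, xm)
                    den = gf_mul(den, xm ^ xj)
            s ^= gf_mul(shares[j][i], gf_mul(num, gf_inv(den)))
        out.append(s)
    return bytes(out)

def candidates_for_byte(x: int, y: int) -> set:
    """For threshold 2 and ONE share point (x, y), return every secret byte s
    consistent with it. For each s there is exactly one coefficient
    a = (y ^ s) / x making y = s + a*x, so all 256 values are possible:
    a single share is as uninformative as a one-time-pad ciphertext."""
    return {s for s in range(256) if eval_poly([s, gf_mul(y ^ s, gf_inv(x))], x) == y}

if __name__ == "__main__":
    # Constructed sample: a vault password split 2-of-3 among trusted people.
    password = b"correct horse battery staple"
    shares = split(password, threshold=2, n=3)
    assert combine(shares[:2]) == password
    assert combine([shares[0], shares[2]]) == password
    print("any two of three shares recover the password")
    print("secret bytes consistent with one share:", len(candidates_for_byte(shares[0][0], shares[0][1])))
```

Two practical notes follow from the code. First, the leak described in the comment above can only happen if an implementation fails to do what `split` does here, namely draw independent random coefficients per byte (or otherwise correlates shares with the plaintext); with proper randomness a single share is uniform regardless of the message length. Second, plain Shamir gives no integrity: a tampered or mis-transcribed share silently produces garbage on `combine`, so anything you hand to loved ones should carry a checksum or be used to unlock an authenticated ciphertext rather than be the secret itself.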
I have not come across a good library that implements SSS over finite fields that was easy-to-use, reliable, or robust. Any suggestions would be welcome.
There are some tricks to do this correctly, but once you have enough shares, copy the scrypt binary data back to individual files and decrypt it. Then combine the shares and voilà, your friends have helped you keep something secret that, even if enough of them turned on you, they would still need the scrypt decryption password for.
Anyway, who cares about the name, it's a pretty cool website :)