Not to use a debate cliché, but isn't this a ridiculously shameless ad hominem? He's published the protocol and disavowed any intellectual property claim to it. Let's focus on critiquing the protocol.
Actually it's still ad hominem. The fact that you completely ignored the original post and instead attacked Steve Gibson, is indicative of an ad hominem attack. If you'd even said, this new idea is ridiculous because QR codes are inherently insecure (which is false) you'd be fine.
A: "All rodents are mammals, but a weasel isn't a rodent, so it can't be a mammal."
B: "I'm sorry, but I'd prefer to trust the opinion of a trained zoologist on this one."
B's argument is ad hominem: he is attempting to counter A not by addressing his argument, but by casting doubt on A's credentials. Note that B is polite and not at all insulting.
It is never fallacious to point out the historical unreliability of a source. It is doubly never fallacious to point out the unreliability of a source, on a given topic, when discussing a new claim, on that topic, from that source, because that information is relevant to how we approach and evaluate the new claim (i.e., claims from historically-unreliable sources should be subjected to greater initial scrutiny).
Also, you've presented no actual rebuttal of whether Gibson's history is relevant to evaluating his present claims. Rather you've merely stated the name of a logical fallacy. Which is, itself...
It's still an ad hominem - the merits of his argument should stand independent to who he is or his history on any topic.
Doesn't mean it's not worth talking about, though. After all, science is entirely founded on a kind of inductive reasoning, so logical fallacies aren't crazy to consider.
Gibson's personality isn't the thing in question here, the quotation above is specifically about his history in security. If the comment was about how he's a major asshole (just an example, I'm not saying that) in conferences or something like that, it would be an ad hominem, as that sort of information would not be relevant.
I disagree. He doesn't address the actual topic here at all. All he is doing is saying that Steve Gibson is a charlatan.
His history as a security professional has no bearing on the actual content here. We are all talking about an idea SQRL not Steve Gibson. If you said, "SQRL isn't worth my time because I don't trust Steve Gibson" that's fine, but the author made no note on SQRL at all, he just attacked Steve Gibson and let it be.
Sure there may be precedence to say that SQRL isn't worth your time, but Steve's credentials don't affect this idea at all. For all you know he may have been given the idea by a team of security researchers who wanted to see if the top post on Hacker News would be some bull shit argument about Steve Gibson. Obviously not the case, but come on let's talk about the freaking content here not the man.
The saying "throwing the baby out with the bath water" comes to mind. Let's look at SQRL and see if it actually makes any sense before we throw it all away.
It may not be as strong an argument as, say, going through the crypto with a fine-tooth comb and finding flaws. However, I'm not qualified to do that, and most of the people commenting here aren't, either. Even so, we might have to make a decision about going forward with the information we have.
Bringing the quality of a person's previous work into the discussion is a necessary shortcut. We can't all be expected to have expert-level knowledge on everything.
Sure, if you're using an appeal to authority as part of the argument in favor of the protocol. Hopefully we're relying more on logical analysis of the protocol than we are on the proposer's authority, in any security context. Isn't that one of the points of open protocols?
Personally, even if the design is ok, I don't care to give this chucklehead any publicity. Maybe the blind squirrel found a nut (see what I did there? SQRL?) by getting a design right. Doesn't mean it's anything particularly clever, or that we should use it and give him something to base his incessant self-promotion on for the next 20 years.
There are a few types of ad hominem but they all involve using some property of a person that is only tangentially related. This note about how the majority of the security community sees Steve Gibson speaks directly to an assessment of his ability in this field.
