that's the point of opinionated crypto libraries, yes

Personally I like that it's secure by default.

Those same security guys also think that "just hope that no bad guy ever gets root access, lol" is a valid threat model analysis, so whatever.