>People shouldn't have to take extra steps and burn extra CPU cycles for security. If I have to recompile everything to harden my system, I likely won't bother.

>Pretty much everyone benefits from hardening, but not everyone has the resources and know-how to do it manually. Just choosing what to harden is already not a trivial question.

Then have hardened be the default and have --hardened=off be the package transform option?