I am not the author.
I found this blog to have both a short summary of the reasons and a pretty complete overview of the options for protecting against this specific threat model.
I can just send this to people and they'll understand the why and the how.