Is it just me, or is some excited "Look we encrypt everything, and look, we even use good algorithms and look at those key sizes!" becoming a red flag about the security of a service? Most of the times it seems to be someone being excited about using state of the art encryption and forgetting that encryption is only as hard as the system and the humans surrounding it.