Fair enough. I’ll remove the posts.
I never argued against adding security to openHAB. I never argued that adding security is a bad thing. But arguing that that the REST API not having authorization and authentication is not a big risk for most users right now seems to be too controversial.