The quote comes from this email thread. I agree with Tim here, especially having dealt with some of the issues he mentions in his message.
Security on the web is important, but I feel that there should be a way to bless web applications/sites as trusted, allowing them greater permissions. As it currently stands, browsers seem to be on a trend of increased security warnings and one-time "allow" buttons. I feel that over time, users become trained to click "allow" without any thought, negating it's purpose. That's not even to mention the greater issue of whether users truly understand the implications or how to determine when pressing allow is ok.