Likewise. Heck, I was involved in rewriting a system which was originally careful to use AES and everything to protect stored passwords (this was a system which was trying to store them so that users didn't need to repeatedly type passwords to authenticate themselves to a database, so one-way-hashing them was not possible). The private key? Oh, why do we have to have one of those when we have something secure like AES? Just call getuid(), that's unique, that will do.
(The rewrite pulled strong random numbers out of /dev/random and wrote them to a mode 0600 file in ~, then used that as the key. I pointed out that this was as secure as we could make it without external key storage on a more secure medium or a requirement for users to type in passphrases, but that the security of the whole system was still no better than the security of the random key file, rendering all the password-protection pointless since we could just have stored the passwords unencrypted in the users' home directories mode 0600 and got exactly the same level of security. But, no, the spec said encryption so encryption we must have.)
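The key-file scheme described in the comment above, as an added example that is not part of the original post or the system it describes: a random key is written to an owner-only file, and the loader refuses a file whose ownership or mode has drifted. The function names, the 32-byte key length and the file path are assumptions, and `os.urandom` (the kernel CSPRNG) stands in for reading /dev/random directly.

```python
import os

KEY_LEN = 32  # assumed key size: 32 bytes, i.e. an AES-256 key


def create_key_file(path, key_len=KEY_LEN):
    """Create a new random key file that only its owner can read or write."""
    # O_EXCL: fail instead of reusing or overwriting an existing file.
    # O_NOFOLLOW: refuse to write through a symlink placed at `path`.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    try:
        os.fchmod(fd, 0o600)       # set the mode explicitly, independent of umask
        key = os.urandom(key_len)  # unlike getuid(), not guessable or public
        os.write(fd, key)
    finally:
        os.close(fd)
    return key


def load_key_file(path, key_len=KEY_LEN):
    """Read the key, rejecting files other users own or could access."""
    fd = os.open(path, os.O_RDONLY | getattr(os, "O_NOFOLLOW", 0))
    try:
        st = os.fstat(fd)  # check the opened file itself, not the path
        if st.st_uid != os.getuid():
            raise PermissionError("key file is owned by another user")
        if st.st_mode & 0o077:
            raise PermissionError("key file is accessible to group or others")
        key = os.read(fd, key_len + 1)  # read one extra byte to detect a long file
    finally:
        os.close(fd)
    if len(key) != key_len:
        raise ValueError("key file has unexpected length")
    return key


if __name__ == "__main__":
    import tempfile
    # Constructed demo path in a scratch directory, standing in for a file in ~.
    demo = os.path.join(tempfile.mkdtemp(), "dbkey")
    created = create_key_file(demo)
    print("round trip ok:", load_key_file(demo) == created)
```
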