[OT] Why are you using the GPG / PGP keys?

Henry Hertz Hobbit hhhobbit at securemecca.net
Sat May 25 03:36:27 CEST 2013


On 05/24/2013 09:09 PM, Zece Anonimescu wrote:
> Robert J. Hansen wrote:

<SNIP>


>> This is something I wrote for PGP-Basics a few weeks ago.  It's bleak
>> and depressing, but I believe it's an accurate picture of where things
>> currently stand:

<snip>
It looks spot on to me.  I cannot get anybody to use OpenPGP
because most don't use email any more and the few that will
still communicate with me via email say they don't need OpenPGP.
I have only one person that will communicate with me regularly
via email any more and he won't use OpenPGP.  He won't purchase
PGP and he stubbornly resists shifting away from Outlook as his
POP email program that he uses.

> Besides, email is not dying. It's plain stupid to support such idea.
> Sorry for the bluntness. Back in 1992 a handful of people were using
> emails. For serious business they went on Usenet. Today every two bit
> service needs an email to authenticate, to change passwords, to send
> newsletters, to confirm shipments, invoices, you name it. The trafic is
> higher. The users are 1.000 fold. I don't know the size difference. I'm
> pulling numbers from a bag. In 1992 it was a way of scamming the postal
> service out of their cents for a stamp. Today all the internal papers in
> companies of all sizes are sent by mail. Blackberry? That's email too!
> Have you got my fax? That's email too!

First, I have been using email and real Unix since the 1970s.
I didn't use email to avoid paying postage.  Mostly I was mailing
Prolog or other programs to others or them to me before 1995.

Second, a fax is not email either from either a transmission or
a legal standpoint.  Instead of being conducted down the
digital Internet TCP/IP highway, faxes are tunneled through telephony
equipment, digital or analog.  It is not legal to use even an
OpenPGP signature on an email as legal tender in a court of law.
But your hand writeen signature on a document that  faxedis legal
tender in the United States and many other countries.

Third, do a search for "PeskySpammer" in either DuckDuckGo.com or
Google.  Initially I was getting as much as a thousand messages
per day before the bounces subsided as more and more mail admins
finally keyed in on my advice on my blog.  Now I get almost no
bounces at all from mail servers.  Most mail systems drop the
spam messages sent directly from a hacked Windows PC machine that
pretend to come from some place else like a hot potato now.

But PeskySpammer's bots got the fake FROM email addresses
accidentally added to their TO lists.  I am still getting as
many as 100 messages per day because I get all of the messages
for users at the securemecca[gnot]com domain.  Others that have
their emsil set up the same way (they are mail admin for the
domain but have no control over the mail server) will be
getting the same thing.  There is so much spam that almost
nobody will answer me any more.  One of the reasons is that they
start a new email address to fight the spam and don't bother to
close down their old email address.  But most people have made
a permanent shift to Facebook or other social web sites so that
if I really need to contact them, I send them a snail-mail
message.  Many times even that is ignored since they monitor
their Facebook or other social service account messages and
that is all..  This doesn't bode well because I neither want
nor need a Facebook account or an account with the myriad of
other social services.

I suspect most people just select and delete all email messages
in their active email account every few weeks or months.  This
does not bode well for the usage of GnuPG.  I cannot get anybody
I know to use OpenPGP.  Even most of the people at SANS and other
people don't use OpenPGP encryption any more.  Maybe we need
a legal threat that says OpenPGP encryption is going to be taken
away from us to get people to use it.  They will use TLS, SSL or
other encryption that is "built-in" but don't even seem to
take that seriously any more.  I don't know what is happening
but I imagine a sociological or psycnhological dissertation
is in the offing because of people's behavior.  It really is
that bizarre now.  Nibiru - I don't know how many people believe
it but it numbers in the millions.




More information about the Gnupg-users mailing list