It's 2014. Are we there yet?

Kapil Aggarwal kappu at
Wed Apr 9 20:07:49 CEST 2014

I have. I was hoping there has been atleast a small rise in user perception
about secure communications and newer software platforms/delivery channels
that are beneficial.

-----Original Message-----
From: Gnupg-users [mailto:gnupg-users-bounces at] On Behalf Of Robert
J. Hansen
Sent: Wednesday, April 09, 2014 1:59 PM
To: gnupg-users at
Subject: Re: It's 2014. Are we there yet?

> The "secure communications" paradigm of course spans a whole spectrum 
> from "I don't give a ****" to "I'll do anything to protect my 
> communications, including giving away my first born". I suspect the 
> "average Joe user" in 2014 is slightly above the former, but way below 
> the latter. Without going to the other end of the spectrum, what will 
> make adoption of secure communications a bit more palatable to the 
> "average Joe user"?

Every year or so this subject comes up, and my answers are unchanged from
last time: start by reading up on academic papers studying this exact
problem.  For a while John Clizbe and I kept a list of good papers, but I
have to confess I haven't been keeping up on the latest literature.  Still,
our last list is pretty good reading.

(These selections come from both John and me, but John is the one who
assembled them into proper cite format -- thanks, John.  For the original
message, see "Re: what is killing PKI?" on this mailing list, posted on 24
Aug 2012.)


Gaw, S., Felten, E. W., and Fernandez-Kelly, P. 2006.
Secrecy, flagging, and paranoia: adoption criteria in encrypted email.
In Proceedings of the SIGCHI Conference on Human Factors in Computing
Systems (Montreal, Quebec, Canada, April 22 - 27, 2006).
R. Grinter, T. Rodden, P. Aoki, E. Cutrell, R. Jeffries, and G. Olson, Eds.
CHI '06. ACM, New York, NY, 591-600.

Garfinkel, S. L., Margrave, D., Schiller, J. I., Nordlander, E., and Miller,
R. C. 2005. How to make secure email easier to use.
In _Proceedings of the SIGCHI Conference on Human Factors in Computing
Systems_ (Portland, Oregon, USA, April 02 - 07, 2005).
CHI '05. ACM, New York, NY, 701-710.

Alma Whitten and J.D. Tygar. Why Johnny Can't Encrypt: A Usability
Evaluation of PGP 5.0. In Proceedings of the 8th USENIX Security Symposium,
Washington, DC, August 1999.

Steve Sheng, Levi Broderick, Colleen Alison Koranda, and Jeremy J.
Hyland. Why Johnny Still Can't Encrypt: Evaluating the Usability of Email
Encryption Software. Poster session, 2006 Symposium On Usable Privacy and
Security, Pittsburgh, PA, July 2006.

Gnupg-users mailing list
Gnupg-users at

More information about the Gnupg-users mailing list