It's time for PGP to die.

david at gbenet.com david at gbenet.com
Sun Aug 17 11:41:27 CEST 2014 

On 17/08/14 08:57, Heinz Diehl wrote:
> On 16.08.2014, Kristy Chambers wrote: 
> 
>> Sorry for that crap subject. I just want to leave this.
> [....]
> 
> The use of PGP/GPG depends entirely on the respective needs and
> and context. For me, it has been working perfectly in many years, and
> thus, what's described in this article is a good example for theory
> which doesn't affect practice. At least in my case.
> 
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
> 

I've been using gnupg for many many years. I have 199 users in my key ring and 99.99 per
cent are "untrusted." A fact that I for one do not mind. You don't trust my key is from me -
right? Trust is relative - you have all been here for many many years - but I will not sign
keys from you as "trusted."

Leaving aside the issue of how popular encryption of mail is - we are faced with the fact
that 98 per cent of computer users are completely ignorant about software and hardware. They
just go into PC World and buy what they like. There is No Microsoft pre-loaded security
features built-in and so end users have no idea about encrypting their emails - and no easy
way to instantly share keys between users. There is no automatic key generation at the point
of switching the computer on for the very first time and then sharing your key with millions
of other people.

Same with so-called smart phones and tablets - there is no automatic "simple" key creation
and automatic posting to a secure key server.

We make an effort - but I have very very few friends that I have had to install gnupg on
their computers - every one I know knows nothing about computers. While we are concerned
with our "rights" to private communication - concerned with NSA GCHQ 99.99 per cent of the
world's population while having a general or non-existent idea of "security" have no idea of
what they should do. We fiddle while Rome burns.

After 20 odd years while there has been advances in cryptography and GUIs there has been an
almost zero growth in take up. No wonder Yahoo and Google (who can not be trusted) are
providing solutions to end users who are completely ignorant. Can you imagine the horror of
Microsoft entering the "market?" That thought scares me to death.

But we have to face the fact that Microsoft has a hold on hard drive manufacturers - in that
they are all sold with a version of "Windows" on them. What is required is that at first
boot up of a computer an Iphone or an Itablet whatever a programme needs to run that will
install and create a set of keys automatically. Your public key will automatically be sent
to key servers. If there are any "bugs" security holes - then updates should be automatic.

Time to die? Well after 20 years I think it is all very academic - professors sit in class
rooms the world over - not much common sense comes out of their mouths. The real issues are:

(a) do we want to implement our own security on our own devices as a "geek" or
(b) have some automated pre-installed software that will create all that's necessary at
first boot or
(c) rely on some large corporation to handle the encryption and decryption for us

Will global encryption and de-cryption of all emails and there attachments be fully automatic?

The implications for security and intelligence services are a real head ache but who cares!!
Some countries do not allow encryption by law and those that do will change their laws to
have access to All private keys or face long term jail sentences. All governments are
against the people.

GNUpg would have a great future if the developers had greater vision. We are in a very very
tiny minority of people. So small we are insignificant. The use of gpg will die out because
we are ALL getting a bit long in the tooth.

Service providers will make their own solutions available simply as an added "end-user
benefit" but without any legal binding on their own security. We know that the NSA and GCHQ
would be horrified by the thought of every one in the entire world encrypting their emails.
They have a vested interest of keeping it under their control.

The fact is 99.99 per cent of the world's population does not know gnupg exists. Or GPG4WIN.
Perhaps when we are all in our 90's we will say "Oh gpg was a good idea, pity it did not
catch on."

David














-- 
“See the sanity of the man! No gods, no angels, no demons, no body. Nothing of the
kind.Stern, sane,every brain-cell perfect and complete even at the moment of death. No
delusion.” https://linuxcounter.net/user/512854.html - http://gbenet.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xAAD8C47D.asc
Type: application/pgp-keys
Size: 3909 bytes
Desc: not available
URL: </pipermail/attachments/20140817/e04b0925/attachment-0001.key>

More information about the Gnupg-users mailing list