It's time for PGP to die.

Robert J. Hansen rjh at
Sun Aug 17 23:14:51 CEST 2014

> Leaving aside the issue of how popular encryption of mail is - we are
> faced with the fact that 98 per cent of computer users are completely
> ignorant about software and hardware.

"Completely ignorant" is an overstatement.  Few people today are
completely ignorant about software and hardware.  Most people do not
have the sort of knowledge about computers that I'd like, but... you
know what I realized a few weeks ago?

I was watching a janitor mop a floor... without leaving footprints in
anything.  It struck me because I mopped my kitchen floor recently and
wound up with soapy water all over my shoes and tracked it through some
of my apartment before I realized what I was doing.  I mean to go back
to that janitor sometime soon and ask him, "hey, man, you look like you
know how to mop a floor correctly: what am I doing wrong?"

The janitor probably doesn't know the minimum voltage to flip a
transistor (200mV, usually) and couldn't build an adder out of NAND
gates if his life depended on it.  I can't mop a floor without tracking
soapy water throughout my place.  Kind of puts in perspective which one
of us is the ignorant one, you know?

Saying "most people today know very little about computers" is true, and
it deserves to be said.  But let's be real careful about thinking we are
in any way better than other people.  We're not.

> There is No Microsoft pre-loaded security features built-in

Microsoft has a *ton* of security features built into their operating
systems.  Post-XP, Microsoft radically overhauled their kernel and
started enabling a ton of useful features.  DEP, ASLR, enabling some of
the cool security features of the x64 architecture...

In the XP and Win2K days, yes, Microsoft's security was a joke and it
deserved to be mocked.  It has not been that way for several years now.

> After 20 odd years while there has been advances in cryptography and
> GUIs there has been an almost zero growth in take up.

Considered reading any of the available peer-reviewed papers that have
explored why this is the case?

> But we have to face the fact that Microsoft has a hold on hard drive
> manufacturers - in that they are all sold with a version of "Windows"
> on them.

No, Microsoft doesn't.  Walk into a Best Buy, a Fry's Electronics, or
whatever store you choose, and it's *easy* to find hard drives that
aren't pre-loaded with Windows.

> GNUpg would have a great future if the developers had greater
> vision.

Then fork the source code and code up your own vision.

> The use of gpg will die out because we are ALL getting a bit long in
> the tooth.

So what?

If a new email cryptography standard comes out that's significantly
better than GnuPG, do you think Werner is going to sit around drinking
Tanqueray straight out of the bottle because nobody's using GnuPG
anymore?  I don't.  I think he'll cheerfully send GnuPG off into
maintenance, applaud the new standard, and volunteer to help with a free
implementation of the new standard.

If GnuPG dies out because nobody cares about privacy, I'm not going to
mourn the loss of GnuPG.  I'm going to mourn how nobody cares about
privacy any more.

GnuPG is useful and good only to the extent that it is a useful and good
thing for human beings.  *People* are the important thing.  The authors
hope GnuPG will help people.  But, by itself, GnuPG is ... really rather

When (not if) GnuPG dies out, the only question will be, "is this on
balance good for people?"  If so, then let's be thankful GnuPG existed,
celebrate its passing, and cheerfully move on.

> Perhaps when we are all in our 90's we will say "Oh gpg was a good
> idea, pity it did not catch on."

The good ideas in computer science are overwhelmingly rejected.  The
ones that endure are usually really bad ones.  Compare the Intel 80x86
architecture against *any* of its competitors, for instance.  x86
Assembler makes me bleed through my eyeballs and beg for the sweet sweet
release of death.  It isn't MIPS or PA-RISC or PowerPC or any of the
literally *dozens* of superior architectures I've worked with over the
years.  And yet, x86 won in the marketplace.

I think everyone on this list who has more than ten or so years of
experience in the industry will have their own tales of technological
woe.  Good technologies get rejected, and then ten years later they get
rediscovered and renewed.

Look at VMS and UNIX.  UNIX won the server wars of the '80s and early
'90s and completely crushed VMS... up until VMS came back as Windows NT.
 Now, VMS has won the desktop, where UNIX is completely dead... except
for how UNIX got re-resurrected a few years ago as OS X, and as the Mac
desktop it's making a strong showing.  Good technologies rarely win, but
they almost always get re-adopted later.  It's a cycle.  :)

(No, I'm not kidding regarding Windows NT/VMS.  The parallels between
them are *profound*.  The same guy, Cutler, designed both, and the
Windows desktops that most people use nowadays are direct descendants of

More information about the Gnupg-users mailing list