Essay on PGP as it is used today

Tue Jul 23 04:57:16 CEST 2019

> I think that’s the point security researchers like Schneier have been
> trying to make: it is easy for all people — from grandparents who
> still think they need AOL to chipheads who can install Arch without
> watching a YouTube tutorial — to screw up encrypted email in a way
> that exposes the cleartext.

This is true, but it's not because OpenPGP is uniquely difficult.  It's
because it's uniquely flexible.  Signal is intimately tied to the cell
platform and cell signaling.  Even when using the desktop client, it's
using your cell phone as a proxy.  The more choices you take away from
the user, the easier the remaining experience tends to become.

(Which is not the same as saying the remaining experience is a *good*
one, just an *easy* one.  Go ahead, try using Signal to do a third party
noninteractive introduction.  Can't do it!  That choice is taken away
from you.  Which means if you don't need third party introductions, the
experience is good and easy... and if you do, it's bad and easy: bad, in
that you can't do what you need, but easy, in that at least it's very
honest about not being able to do what you need.)

> Encrypted email is fundamentally unsafe as it currently exists.

Given the government uses email to transfer national security secrets, I
question this assumption.  Email can definitely be made safe enough: the
question is whether individual users can be expected to have the
training and experience and resources to do so on their own.  (I
personally think the answer is 'no'.)

> But if you’re trying to securely communicate like a normal person who
> is not pretending to be Mister Robot, then PGP for email is one of
> the least adopted, least safe ways to do so and 
> Signal/iMessage/WhatsApp are decent solutions.

I generally agree.  I recommend WhatsApp as a communications client of
first recourse for people in non-permissive environments.

Number one, it's easy to convince other people you meet to use it.  "You
can reach me on WhatsApp at..." tends to get reactions of, "oh, yeah, I
have it installed" or "I guess I should install that".  You don't need
to talk about security or code audits or E2E or anything else: just show
them it's fun.

Number two, switching from SMS to WhatsApp is a *huge* increase in
security for the average smartphone user.

Number three, the cops don't look at you funny if you've got it on your
phone.  Especially if you've got some nieces and nephews you can trade
funny memes with.  Purge the important stuff before you go through a
border crossing and if you're asked about WhatsApp just say "my nieces
and nephews made me install it so they could share funny stuff with me".

Signal fails on #1 ("This is supposed to be a ... a secure
communications tool?  Why do I need that?  I don't want to get in
trouble with the cops.") and on #3 ("Why do you need this, citizen?").