We have GOT TO make things simpler

Jeff Allen jrallen at runbox.com
Sat Oct 5 14:05:37 CEST 2019

On 10/5/19 6:15 AM, Stefan Claas via Gnupg-users wrote:
> Tony Lane via Gnupg-users wrote:
>> But go ahead, please rationalize why "ease-of-use" is more important than
>> actual security for power-users such as myself and those who absolutely won't
>> compromise on true E2EE.
> Not to rain your parade, but I follow the topic encryption since the mid '80s
> and can say nowadays that GnuPG has failed to become an email encryption
> product for the masses, which IIRC was the initial goal of Mr Zimmermann's PGP
> back in the early ninetees.

The original poster, perhaps unintentionally, stated the real reason the
masses have not adopted PGP, "Please do appreciate that the persons who
we are convincing and instructing are not particularly interested in
privacy."  That's it in a nutshell.  The masses are not particularly
interested in privacy.  If they were, they'd abandon Gmail and Yahoo and
all the other providers who make no excuse for the fact their economic
model depends on users being not particularly interested in privacy.

I have used GnuPG since it was first released and PGP2 and PGP5 before
that.  I read "Why Johnny Can't Encrypt" 20 years ago.  I didn't believe
it then and don't believe it now because in my experience any
sufficiently motivated, reasonably intelligent person who wants to use
these tools can learn to do so expending less time and effort than it
takes to master the latest video game.

> Instead GnuPG became the ultimate tool for PGPGs[1].

Sure it is.  As Mr. Lane explained, its supposed to be.  But that
doesn't mean that it can't be used by non-PGPGs.  You don't have to
understand every command and option to use GnuPG effectively.  A handful
will suffice for file or email encryption.

> Try the following experiment, as power user: Explain to your loved ones,
> friends and co-workers GnuPG usage (with all its surrounding stuff like
> installing MUAs and plug-ins, besides of GnuPG) point them to the FAQ as
> learning resource and then show them as modern alternative Mailvelope
> or the new Autocrypt from Vincent ...

I agree that there are easier-to-learn encryption solutions than GnuPG.
Mailvelope, FlowCrypt, ProtonMail, Mailfence and Tutanota come
immediately to mind.  Any is adequate for the privacy needs of the
masses.  Unfortunately, the masses haven't swarmed to them any more than
to PGP or GnuPG.  The masses think they have nothing to hide.  They
aren't at all concerned about privacy.

> [1] Pretty Good Privacy Geek


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20191005/d79c9af6/attachment-0001.sig>

More information about the Gnupg-users mailing list