GnuPG to protect citizen rights (was: Announced chat control by the EU)

vedaal at nym.hush.com vedaal at nym.hush.com
Thu Oct 9 17:38:31 CEST 2025 

Is there any concern to not trust proprietary compilers, and instead
to compile everything from the gcc compiler? 
=====

On 10/9/2025 at 10:24 AM, "Werner Koch via Gnupg-users"  wrote:On Wed,
 8 Oct 2025 16:21, Robert J. Hansen said:

> generating certificates on GnuPG 1.4. But please, please, please,
stop
> using 1.4 already. Switch to the 2.6 series.

I can only repeat that.  Thanks for mentioning this, Rob.

Now that I attended this mail thread anyway, let me assure that I will
never accept a backdoor in GnuPG or related libraries.  I spent the
majority of my working life on that software [1] and the reason I got
into this was and still is privacy for the people.  Meanwhile my
company
is on very solid financial grounds and I actually could stop working
and
keep on helping with GnuPG maintenance and oversee developments
without
financial compensation.

Gpg4win, our Windows installer, is very likely what most people are
using for end-to-end encryption of mail and to protect data at rest.
The very same software is also the base for GnuPG VS-Desktop which is
used in Germany, Europe, Japan and even by some companies in the US. 
In
particular we build an NSIS installer for Gpg4win and by using this
very
installer along with custom configuration files and extra
documentation
we transform this into an MSI installer.  That MSI is what we give to
our government and industrial customer along with a support contract.

Thus all code you see in gpg4win is also in the GnuPG VS-Desktop.  Any
backdoor would be there as well.  We would be entirely crazy trying to
implement a backdoor; our repudiation would we dead and this is what
make up our business.  All my colleagues and co-hackers are also
strong
privacy advocates and share my view.

The chat control idea is only one idea on how to throw away citizen
rights.  The EU as well as other states and organization are trying to
protect themselves from their citizens.  For example the EU is
currently
setting up the “Expert Group for a technology Roadmap in
Encryption” [2]
to plan ahead for more control.  Take care and beware of newspeak.
Shalom-Salam,

   Werner
[1] A post on the GnuPG history from 2007
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob_plain;f=doc/a-decade-of-gnupg.txt

[2] EU encryption roadmap
https://ec.europa.eu/transparency/expert-groups-register/screen/expert-groups/consult?lang=en&groupID=4005

-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20251009/36c734ce/attachment.html>

More information about the Gnupg-users mailing list