November 9, 2015

The problem with GPG

Speaking of security and hacks, Moxie Marlinspike pretty much nails the problem with GPG:

Looking forward, however, I think of GPG as a glorious experiment that has run its course. The journalists who depend on it struggle with it and often mess up (“I send you the private key to communicate privately, right?”), the activists who use it do so relatively sparingly (“wait, this thing wants my finger print?”), and no other sane person is willing to use it by default. Even the projects that attempt to use it as a dependency struggle.

This is true for PGP too.

(GPG is for encrypting email using keys, basically an open alternative to PGP. All email should be encrypted, but in reality, it’s just too much of a hassle for most people, me included.)

Thoughts? Let @tdh know on Twitter, or find me elsewhere. There is also a newsletter.