Slashdot Mirror

← Back to Stories (view on slashdot.org)

NAI to Sell Off PGP Product Line

Posted by michael on from the pretty-bad-profits dept.

An Anonymous Coward writes: "Network Associates announced today that they are ceasing development of most of the PGP product line, including PGPMail and PGP Desktop Encryption software. This was apparently due to disappointing sales of the products. See the FAQ for more information on what's being killed and what's being kept." Another anonymous and unverified submitter says, "The entire PGP Business Unit was axed more or less wholesale. I guess selling encryption doesn't really make money. I worked there up until today and somewhere around 250 of the 300 employees were clipped."

19 of 305 comments (clear)

  1. Rats... Ship by NitsujTPU · · Score: 4, Interesting

    If my product line was about to become illegal and wasn't selling well to begin with. I'd sell to the highest bidder too (and I'm sure it will sell high).

  2. What happens now? by DarkZero · · Score: 2, Interesting

    What happens to a great commercial program after it's permanently axed by its creators? Do we just pirate the Hell of it now and generally continue to use it, since the encryption will probably be good for years to come, or is there some reason that we can't or morally shouldn't?

  3. tools vs apps and PGP prevented hacks by shibut · · Score: 2, Interesting

    To me this is just another example of a tool/IP business model not making it even though it is useful technology and if it were gone it would be sorely missed. Still, businesspeople don't have the capabilities of valuing a tool that is not an end product (show me an MBA that sees encryption as an income generating end-product and I'll show you a geek in wool/MBA clothing). Also, I have yet to hear of a major money draining hack to a corporation that could have been prevented by PGP, I believe the stolen credit cards etc were obtained by hacking the system open, not listening on the lines. Anyone know of such an example?

  4. Yeah :-/ by Brian+Feldman · · Score: 3, Interesting
    It was a pretty somber PGP all-hands meeting today; I didn't expect it, really, but I wasn't paying that much attention. TIS^H^H^HNAI Labs exists really pretty separate from PGP except for being part of that "business unit", and considering that we aren't "losing market share", costing the corporation money, or anything like that....

    So, luckily, the NAI Labs section of PGP was exempt from all this change and will be shuffled around more, but we're still here =) It's a bit disappointing to see your company admit failures like this, even if it's for the best interest of the company.

    --
    Brian Fundakowski Feldman
  5. Why I use PGP... by Bonker · · Score: 5, Interesting

    I just happened to have it installed instead of GPG, but I will probably make the switch now that it's being discontinued.

    1. Private Data... There's a lot of stuff that I do and say through email that is perfectly kosher, but is none of my company's or coworker's business, like emailing my wife whilst at work. I know for a fact that there are nosy people in my networking department, but 2048 bit D-H encryption makes this Somebody Else's Problem (tm) even thought I am forced to use Exchange at work.

    2. Insecure Mail Servers... By the same token, I am forced to keep sensitive data on an Exchange server. It doesn't take a genius to see that any given company's Directory/Mail/Personal Info server is going to be one of a malicious cracker's first targets, if he or she is interested in doing anything other than 0vvnZ'ing the website. When the time comes... and it will... I will be able to say... 'No, my sensitive data was NOT compromised, because it was securely Encrypted.

    3. Personal Liability. I'm a freely spoken individual. Some people don't appreciate it. If I say something in an email that could possibly be used against me later by the owner of a mail server, it goes in encrypted. By the same token, any personal files on my work PC belong to me, and not my company. Without my passphrase, they can't do shit with them.

    4. Geek factor. It is oh, so cool to be able to 'sign' an email, and advertise your public key. Mine is:

    http://www.furinkan.net/key.txt

    --
    The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
    1. Re:Why I use PGP... by indiigo · · Score: 2, Interesting

      If you use windows, slack space, temp files, etc. They can 99% of the time recover your "Safe" data.

      Trust me on this. Just went to a lecture for litigators for Corporate IP cases where IP was stolen, and they state they can recover data past the DoD 7 wipes, at a cost of 1 million. Likely not your case, but if they want it, they can likely get it.

      Unless you are wiping free space on your disk over 7 times after every "confidential" message, discovery teams using tools like safeback can get to it.

      --
      fslg503-985-8686503-985-8686503-985-8686503-985-86 8650 3-985-fdsg8686503-985-8686503-985-8686503-9
  6. PGP wish list by 4n0nym0u53+C0w4rd · · Score: 3, Interesting

    PGP had a few of strikes against it:

    A. Little perceived need by the masses
    B. Hassle to use

    and more recently

    C. Government rumblings

    A. could be dealt with by some good old FUD. I've always been amazed that NAI and others have resisted the evil urge to play on naive users' fears of "hackers." Come on, companies with lame IDS and Firewall products have been playing the fear card for a while. Imagine how effective a campaign would be if the product were actually good... (Not that I'm a fan of these tactics).

    B. is a more difficult problem. Although the product has come a long way since the old DOS version with it's confusing options, it has a way to go to acheive true ease of use. People don't necessarily "get it." I'm not a huge fan of dumbing down interfaces, but a real simple set of wizards that handled all the stages of key creation and software integration would be helpful. Plug-ins for email are good, but a deal with MS or Eudora to bundle it would be better. Plug-in with ICQ is good but a bit clumsy at times. Maybe playing up the Envelope metaphor in email programs would be better... Also, encouraging users to get their email contacts to install the freeware version would be great. Maybe, a window that popped up when people tried to send an encrypted email to a person whose key isn't know. The window could mention the problem, and offer to send the recipient an email with a link to the freeware (or perhaps a free "reader" that allowed for key creation and email integration).

    With C. the issue is just a big hassle. At some point you'd hope the Gov't would realize that restricting strong encryption will have no effect on criminals, only business and home users.

    --

    Buy Hex-Rated Stuff, fight the DMCA!

  7. Re:Encryption is alive - but PKI is dead by fo0bar · · Score: 2, Interesting

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Well, it's all about convienence. I use pgp4pine which does automatic decryption/signature checking on incoming email, would automatically try to fetch public keys from PGP key servers, let you choose if you want to encrypt outgoing messages, just sign them or don't bother....

    Appearantly mutt has some decent PGP tie-ins. Hell, I remember Eudora used to have a PGP mode.

    Unfortunately, the implementation across OS's and mail packages are inconsistent, and that will probably be the demise of PGP/PKI.

    *shrug* What do I care? I don't mind using the clear envelope theory of sending email 98% of the time... The other 2%, it's usually to a friend or colleague who also has PGP.

    EOF
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (FreeBSD)
    Comment: For info see http://www.gnupg.org

    iD8DBQE7xmqUKZYQqSA+yiURAiDRAJ9G3rMyNRJOHfpRDt+g 1V 2SLuQH9ACfU/HG
    9yhh23ifyYH57o1h5c+Y3Gg=
    =VK6P
    -----END PGP SIGNATURE-----

  8. What?!? by John+Whorfin · · Score: 2, Interesting

    Post a link, man.

    I just saw PGPNet 7.1 ONLY for $60 for a two year contract. This was from PGP too.

    With the 7.1 series they split apart the entire PGP Desktop package are (were) selling the peices individually.

    $30? I don't think so.

  9. Re:Causes by spudnic · · Score: 4, Interesting

    Not only was it not free, it was horribly expensive. We where looking at getting it for a public (read: poor) hospital that I was doing consulting work for a couple of years back. They wanted like $400 per workstation for their "corporate desktop" edition. There was no way they could afford $60,000 for this project.

    I see now the price is $179 per workstation on their website. Still pretty pricey for encryption.

    --
    load "linux",8,1
  10. Free software cannibalization and software cycle by Ars-Fartsica · · Score: 4, Interesting
    Well, PGP had simply reached a level of age and maturity where one should expect a free replacement to come on the scene. My observations are that you have four to five years to squeeze revenues out of a software product before you can reasonably expect a free competitor.

    This will simply become part of the arithmetic commercial developers will have to deal with.

  11. Re:Encryption is alive - but PKI is dead by spudnic · · Score: 3, Interesting

    I had given PGP several chances. For one reason or another I'd get all fired up about it. I'd go an generate new keys, submit to keyservers, etc.

    Then it hit me. Who can I send this to? If I encrypt something, nobody is going to know what to do with it, not even most of my tech savvy friends. Even they don't have current keys that I could get hold of, so I couldn't encrypt it for them.

    I settled for signing my messages if for nothing else to spread the PGP word. That ended when I actually had someone who I respected on a mailing list tell me to stop waisting space by including all that "garbage" in every one of my messages.

    Geez.

    --
    load "linux",8,1
  12. My corporation tried to buy PGP... And couldn't. by Anonymous Coward · · Score: 5, Interesting
    The biggest potential users of this would have been the Slashdot types

    Umm, no. I work for a company that has our own symbol on /., one with a funky dropped 'e' in it. You might be able to figure out who we are. We tried to buy PGP for Unix to secure engineering data--we happen to be one of the largest Microsoft shops on the planet, but all the real work still gets done on Unix/Linux--and NAI wouldn't sell it to us. We were talking THOUSANDS of licenses, ubiquitous deployment to everyone, and they weren't interested in providing a Unix client of the current version.

    So we're going to be using GPG.

    Get this: NAI have also threatened major bad legal juju if we ever put any GPG-generated keys on their keyserver product, which we also had previously bought (along with hundreds of individual PGP licenses). Hello? If that's not a Microsoftesque move, I don't know what is.

    They coulda made millions on our account. WE WANTED TO PAY THEM MILLIONS. Negotiations fell through. So now we're saving the millions and going to be supporting open source even though senior management is still not 100% clued into that this is a good thing.

  13. Re:Dissapointing sales? by The_Messenger · · Score: 0, Interesting

    You meant $300, right? Check their price list lately, bub?

    --

    --
    I like to watch.

  14. 250 PGP employees? by gnomish · · Score: 2, Interesting

    250 is a lot of employees for such a small product.. at least in terms of what a person would view as a niche product, at best. Perhaps this is just one of the last vestiges of the bloated net economy fading into the distance.

    However, other influences may be involved. It's pretty obvious that encryption schemes, in general, are under scrutiny after the Sept 11 attacks. Any company that is producing an encryption product certainly has taken a look at it's business in recent days.

    Ultimately, I think most people have given into the idea that their correspondence via email.. and really anything that ends up on their computer could be an open book if anyone really wants to look.

  15. lack of sales: reasoning by skotte · · Score: 2, Interesting
    i've got three reasons it didnt sell.


    1) "encode"? what's that?. (the ignorance fFactor that says 'if it didnt come with M$ office, i don't need it')

    2) modern variant: "encode"? what's that? i heard terrorists were encoding messages .. that must mean it's bad. (yes, i have actually heard this. not a stretch at all)

    3)if you are interested in security, there's a good chance you have something to hide. like all those warez on your desktop. ergo, you didnt really pay fFor that copy of PGP at all.

  16. Explains a lot ... by King+Of+Chat · · Score: 2, Interesting

    My company exchanges a shedload of confidential data with customers - some of whom use PGPG. I tried the eval of PGPmail last week and couldn't get it going with Notes (no Outlook - no virus). Even waving the prospect of 12,000 seats at them they wouldn't respond. Should've guessed something was up.

    We'll just have to stick to our normal encryption method - making our documents too boring for anyone to remain concious while they read them.

    --
    This sig made only from recycled ASCII
  17. Re:No one buys it because by sql*kitten · · Score: 2, Interesting

    The whole point of technology and the push of civilization has been the dissemination of information and ideas. Encryption runs so much against this concept that it's no wonder that people both don't understand its necessity and don't want it.

    You have it backwards. Civilization is about privacy. It's about having the freedom to do what you want to do rather than what the tribe wants you to do. It's about being free to disagree, being free to do something your way if you don't like the way everyone else does it.

    As Bruce Schneier said, "it's not enough to protect ourselves with laws of men, we must protect ourselves with laws of mathematics". That is going to be true as long as there are people on earth who are willing to kill other people for what they believe.

  18. Re:unintuitive windows user interface by dsb3 · · Score: 2, Interesting

    Hard Crypto + Clueless Users == Weak Crypto.

    There's really no other way to dice it. Due to the very nature of crypto in algorithm and implementation there just isn't space for a clueless user to stumble around and not expect to eithe (1) break something critical or (2) break something critical without realizing it.

    Repeat after me ... security is a process, not a product.

    --

    Slashdot? Oh, I just read it for the articles.