Slashdot Mirror

← Back to Stories (view on slashdot.org)

Can GnuPG Deliver?

Posted by michael on from the as-long-as-men-are-capable-of-evil dept.

jso888 writes "After Network Associates decided to halt further development of PGP, I'm sure that many users like myself who use non-CLI platforms most of the time, wondered "what next?" (PGP Freeware is not an option, since it's tied into the Network Associates product). Salon today has a nice article on GnuPG, the Open PGP/GNU alternative. The article highlights one of the problems with Open Source software today: its "by the geek, for the geek" nature, which by and large places barriers to mass adoption of OSS, especially important capabilities like personal encryption. One of the nice things about NAI PGP was its ease of use and commercial polish. It was easy to install and use, and integrated nicely with Windows software like Eudora and ICQ. GnuPG, admittedly, isn't quite there yet, the article concludes. That's too bad; given the privacy-hostile world we live in, the last thing we need is another barrier to widespread cryptography adoption."

3 of 286 comments (clear)

  1. Try the many front ends by mlk · · Score: 5, Informative

    http://www.gnupg.org/frontends.html

    WinPT is quite good.
    http://www.winpt.org/

    But I've only found one "free software" package which is up to scrach with it's windows counterparts (in easy to install etc), and thats Apache Tomcat, and that needs some work. :)

    Ahh well, maybe one day.

    --
    Wow, I should not post when knackered.
  2. Re:secrets and PGP by theNote · · Score: 4, Informative

    Good email clients will automatically check the signature for you and display the identity verification.
    So, yes, in a way I check them all the time.

  3. Outlook, and outlook alone by coyote-san · · Score: 5, Informative

    The problem isn't S/MIME per se. Anyone who can use OpenPGP libraries can easily use S/MIME, and vice versa. The problem is Outlook, pure and simple.

    I don't remember the details, but it's been discussed on the OpenSSL lists recently. Outlook has totally dropped the ball on multi-part S/MIME messages. Because they're the 800-pound special-ed gorilla their incompetence means that few people are interested in using correctly working multi-part S/MIME tools that can't interoperate with the majority of people, while the coders understand how much damage is being done by the broken Outlook implementation and refuse to be involved in any effort that gives it credence.

    I'm rarely see black hats hiding in shadows, but this is one of those exceptions. It's too easy to imagine some spook taking advantage of the fact that MS can kill the market for secure communications, while ensuring that the tools are still available for their users.

    --
    For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken