Can GnuPG Deliver?

jso888 writes "After Network Associates decided to halt further development of PGP, I'm sure that many users like myself who use non-CLI platforms most of the time, wondered "what next?" (PGP Freeware is not an option, since it's tied into the Network Associates product). Salon today has a nice article on GnuPG, the Open PGP/GNU alternative. The article highlights one of the problems with Open Source software today: its "by the geek, for the geek" nature, which by and large places barriers to mass adoption of OSS, especially important capabilities like personal encryption. One of the nice things about NAI PGP was its ease of use and commercial polish. It was easy to install and use, and integrated nicely with Windows software like Eudora and ICQ. GnuPG, admittedly, isn't quite there yet, the article concludes. That's too bad; given the privacy-hostile world we live in, the last thing we need is another barrier to widespread cryptography adoption."

What's holding back security

No one is building encryption or other security measures directly into products.

Encryption by itself is too difficult and esoteric for normal users. If you want to see it spread, make it easy to use and easy to understand.

Re:What's holding back security

[mlk]

SMIME, and Outlook.
It's dam easy to set up and free to get a key (and a nice button on Outlook).
No, the reason people don't use it is there is little point, not even my BANK recomends sending emails with personal data encripted!

(alas not all email clients or mail servers support S/MIME yet)

Re:What's holding back security

[psamuels]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I don't mean to sound elitist (ok, maybe I do) but....

Easy to use is what its all about. People who say things like PGP are easy to use for the average user are dreaming(and when I say average Im talking about grandma here). What you want is something that integrates seemlessly and is extremely esy to setup and configure.

The problem is that PKI is not easy. Key exchange is relatively easy, sure - just have the application upload and download from a keyserver. But what about key signing, and the web of trust? How do you make that part easy? To maintain security, users must understand exactly how the process works. Signing a key is a multi-step process and each step must be done with regard to absolute security. I can't imagine how you could wrap the web of trust into a slick GUI without completely negating the point.

And what about key revocation? Do you really think that when an office worker moves from one department to another, and gets a new computer, that he will think to copy his private key to a floppy and delete it from his original computer? Or, failing that, will he issue a revocation certificate when he realises that someone else now has access to the private key? For that matter, will he encrypt the private key so that he has to type a passphrase every time he accesses it?

These are not things you can easily abstract away. The user must understand the whole process, or he will never get it right. In turn, not getting it right would dilute the web of trust. And remember, the users we're talking about are the same ones who fail to understand why you don't just launch untrusted applications out of your e-mail, and why your password really needs to be at least five characters long. Does anyone think the average corporate user will have any grasp at all on how and why to use PKI in the way it was designed (i.e. securely)?

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8oxyBXk7sIRPQRh0RAm/RAKC1wm0wzc/WH+vyRrC5dd b0hcKENgCeO5rH
WjQJECmQ2hIL5axm0jo0lOU=
=CuR1
-----END PGP SIGNATURE-----

Re:What's holding back security

[psamuels]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

And that's the Rub! When you sign a check, the burden is on the bank and the vendor to verify that you signed it...and all it says is that you signed it. That's good enough for buying some very expensive things (cars, houses, small countries)

One point: usually when you buy these expensive items, there are independent ways used to verify your identity. For buying cars and real estate (at least in Kansas), you have to have the title notarized, which of course implies that the notary, who is licensed by the state, is supposed to check your ID.

This sort of thing doesn't really scale to e-commerce easily. On the Internet, it is much more difficult to verify someone's identity than it is in the Real World. Thus, digital signatures are trying to solve a much harder problem, in the common case, than ink signatures are. Unfortunately the hard problems don't go away by throwing technology and GUI interfaces at them. A command-line switch for "trust this signature even though we have no way of knowing if the owner is who he says he is" is just as bad as a GUI check-box saying the same thing.

One might say that certificate authorities and KDCs are the digital equivalent of a notary public. The web of trust is the digital equivalent of a bank asking you for ID when you open an account, and keeping your signature on file for later comparison.

Yes, with a digital signature, you get proof of identity, and along with it, non-repudiation, date stamping, window of validity, revocation lists and a TON of 'useful' stuff that you don't get with an ink signature.

Nonsense - most of these features can only be implemented if there is a trusted third party, aka certificate authority (CA). How is this different from a notary public? In the Real World you can get every single signature notarized, providing the same non-repudiation, date stamping, and so forth. People don't usually do this because it represents a lot of time and money.

And then there's the issue of whether you trust the notary, or the CA. The notary is licensed by the State, the CA isn't really licensed by anyone but gets credibility from the number of people who recognise it (rather like the value of paper currency). In both cases, how do you know for sure that it can be trusted? You don't, you can only assume.

But if you CAN'T make it as EASY as an ink signature, you're not going to get much adoption.

As I've said, if you want the real benefits of PKI and digital signatures, you either need an extensive web of trust (hard to achieve) or a trusted third party (CA). This isn't something you can just hand-wave away with better interfaces. I really don't see how the ease-of-use problem can be solved. It's easy to get people to use SSL with https: web sites. It's hard to ensure that their e-commerce transactions are actually secure against MITM attacks and various sorts of spoofing. Without identity verification (in both directions (sure, the web site has a CA-issued certificate, but do you?), the great benefits of PKI and digital signatures are largely a myth.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8o0tbXk7sIRPQRh0RAuBYAJ9DVmv2jxgv2jC6EeihXp jsAWraMQCff6ic
B/PfLLMNGphv+UzaKcUZmaE=
=8uVU
-----END PGP SIGNATURE-----

secrets and PGP

[56ker]

How many of us actually have secrets to hide that we go to the bother of encrypting them with PGP any more though? I have only ever sent a few PGP e-mails before I figured it was too fiddly and time consuming to bother with.

Re:secrets and PGP

[theNote]

Good email clients will automatically check the signature for you and display the identity verification.
So, yes, in a way I check them all the time.

Re:secrets and PGP

[ilcylic]

The point isn't whether you have secrets now, it's whether you'll ever have secrets. If you only send one encrypted email, and "someone" is watching, they know to devote all of their effort to breaking that one message. It's not a matter of "having secrets to protect", it's a matter of ideologically being a thorn in the side of people who want to be able to read your email.

The other point is that it's better to use encryption because you can. It's like always using ssh, instead of "just when you don't want someone to snoop your connection". Use encryption all the time, because protecting your privacy is always a good thing.

-il cylic

Re:secrets and PGP

[tzanger]

And I don't understand the concept of PGP Sigs either.. How does that prove anything? What's to prevent me from smacking a PGP Sig on my email? Does anybody verify those?

I use KMail; it has very nice GnuPG integration, the only missing feature is for *it* to go through and encrypt my attachments instead of making me do it. At any rate, any email with a PGP sig is automatically checked and since I have the colour bar enabled signed messages with keys I trust (and that pass) are in a green border. Good sigs with keys I don't know/trust are in a yellow border and bad signs are in a red border. Very eye-catching and very nice.

I generally sign messages (not encrypt) if I want to give the person on the other end a way of verifiying that what I sent didn't get altered. I encrypt when I don't want anyone else reading it. It's perhaps a subtle difference, but I use it quite often.

Re:secrets and PGP

[tftp]

igning e-mails sounds more like a liability than anything else.

One day someone receives an email from his parents, asking for urgent money transfer because of some disaster; the bank account is provided. The guy goes to the bank and transfers almost all he has.

A week later this person might be very upset that he did not demand a digital signature on the email because his parents never sent him any requests for money, are in perfect health and have no idea whose bank account it was...

Something to work on.

[ilcylic]

The advantage, of course, is that if someone decides it's important to make GPG pretty, it will get done.

Interfacing isn't that hard. What sort of "easy to use" features would be desired in a personal encryption suite?

A graphic display? PerlTK can do that. Simple means to keep track of new keys? I don't know what features would be wanted here. Lets figure it out and write it. Open Source is all about fixing problems you percieve.

-il cylic

Try the many front ends

[mlk]

http://www.gnupg.org/frontends.html

WinPT is quite good.
http://www.winpt.org/

But I've only found one "free software" package which is up to scrach with it's windows counterparts (in easy to install etc), and thats Apache Tomcat, and that needs some work. :)

Ahh well, maybe one day.

Re:Try the many front ends

[Llanfairpwllgwyngyll]

The front end doesn't solve the problem that *corporate* users face.

GnuPG doesn't support ADKs (additional decryption keys). A lot of people don't LIKE the whole idea of ADKs. But look at it calmly. I would NOT have an ADK in my personal PGP key under any circumstances. But the PGP key I use for work - that has a designated revoker (so if I'm sacked the key can be revoked without my cooperation), and an ADK that *requests* (it cannot enforce) that items encrypted to my work PGP key can be read by one of our Corporate PGP keys (whose use is very highly controlled - and is held split anyway).

I have encrypted disk partitions - but if I'm hit by a bus, the Corporate disk ADK can recover the data that belongs to the business.

GPG doesn't inherently support key splitting, or disk partition encryption. The key splitting allows proper auditable control over particularly powerful keys. For example, our Root Corporate Signing Key is split amongst 8 trustworthy people and at least 4 of those 8 must cooperate to bring that key together for use.

GPG is great, but it won't replace PGP in the Corporate setting (where it is used a lot more than you might expect...) even WITH a nice frontend until it can support such features. I look forwards to the time when it does!

A business cannot risk losing access to data which is encrypted, so these facilities are required.

Re:Try the many front ends

[HiThere]

You are right. GPG only tries to do what the designers intended it to do. And if what they wanted wasn't what the business wanted ...

If businesses want to use open source for something that the open source programmers don't feel like doing, then they will need to subsidize the development. That's the way it works. But if they do, then they get the options they want.

If they choose to go with a closed source product, then they get what the developer provides, until the developer decides to stop providing it. If it's open source, then they get it with no time limits, but if the project stops supporting it, and they want maintenance, then they will need to pay for it, in some way or other.

TANSTAAFL? Well, not really. But if your menu is the same as the other guys, then you can sure get a cheaper rate. And if you need a specially selected choice of wine with your dinner, then you pay extra.

OTOH, if you go closed source, you probably don't have any choice as to what will be provided on the major products (that's a result of what they call a monopoly). And for the lesser products, you still don't have much choice after you make your purchase.

Nothing's perfect. Open Source has it's flaws, and some of them are a bit excessive. But in my mind they pale in comparison to the flaws of closed source with a central monopoly.

Back to GPG and the need for added features. If businesses want the product that you describe they can:

1) write it from scratch or hire a consultant to do so

2) modify an existing open source program as permitted by the license. If they are modifying GPG, then the GPL determines their choices. Which includes keeping everything secret, but also include forking the GPG into (say) the GPGC and just adding the features that were missing. This would probably also make modifying the existing GUI shells relatively simple.

3) do without

4) do something illegal, and count on chance and their lawyers

5) do something I haven't thought of

The features that you mention all seem quite reasonable for a commercial group to want, but it is quite unreasonable to expect an agglomeration of individuals to be in favor of them. E.g., if I were to have an encrypted disk partition, then it would be to my benefit if nobody could read it without my permission. And if I quit in anger, or was fired, then I wouldn't want the company to be able to read my disk. It would (perhaps) be to their benefit to be able to do so, but it's not at all clear that it would be to my benefit.

This reasoning applies to all levels of the company from the secretary to the general manager. And this may in some measure explain why no significant effort is put into features of benefit to the company but not to the individuals. (Of course, computer techs will be most aware of this, but then they would also need to be the ones initiating the argument for funding the project.)

A closed source company would be more likely to provide these functions, but they would also be more likely to keep their code secret and unmaintained if they went out of business. Perhaps leaving you with disks they were unreadable (what is the most likely cause of their going out of business?).

Make it Seamless, Silly.

[Above]

I use gnupg. Not a lot, but with a few people who have it set up right I can just exchange PGP messages without really doing anything, which is the way it must be.

I have tried many, many products to do PGP, and they all have problems. Even GPG with my favorite mailer had some fairly big setup hurdles. Fortunately once I cleared them it was relatively easy. I can only imagine that grandma is never going to use it at the current state of integration.

PGP functionality needs to work perfectly with mailers. You enter a pass phrase, and it just works. Until that happens the masses are not going to use PGP. This is imporant. If it were that easy, 90% of e-mail could be PGP encrypted, by default no questions asked. You can get there now, but only if you know a lot about PGP, and communicate with people in the same boat.

Re:Make it Seamless, Silly.

[possible]

There is a list of GPG mailer plugins and modules for common mailers, including Eudora, Outlook, Netscape, KMail, emacs, Pine, Mutt, etc. Failing that, you can always write your own.

Re:Make it Seamless, Silly.

[Above]

Until the plugins ship with the mailer, it is not seamless.

Re:Make it Seamless, Silly.

[Picass0]

I've been using Gnu Privacy Assistant(GPA) for key maintenance and Evolution for email. Evolution has seamless GPA and PGP support.

GPA features a GUI and is very straightforward to use. I'm an encryption retard and I figured it out.

Re:Make it Seamless, Silly.

[Dwonis]

Mutt has built-in PGP support. All you have to do is configure it.

Re:Make it Seamless, Silly.

[Above]

No, it's not. Grandma installs a mailer. She
sends an e-mail to her grandchild. If it works,
she's happy, if not, she will do something else.
She's not going to install a plug in.

Plug ins are fine to make things upgradable,
and flexable. But let's face it, web browers
ship with plug ins because they know 99%
of the people want them. If everyone was moving
PGP e-mail, that would be true of mailers too.

I don't care if it's an RPM, a FreeBSD Port,
or a package to download. It must auto-install
the plug in. It can come with the mailer, or
be installed as a dependancy, but until it's
automatic on all platforms it won't be
used by the masses.

I agree

[einhverfr]

The UNIX mentality, as far as I can tell, has quite a bit to do with building modular, scriptible components. GPG is no exception-- it comes with TONS of switches, only a few of which are likely to be used on a regular bases.

While some people characterize this as "by geeks for geeks" I don't think that is really the case. Having an extensible, scriptible component makes it REALLY EASY to build whatever frontend you want with whatever capabilities you want, and it also means that one can have the same capabilities available from a script.

Now, I agree that GPG is not yet ready for widespread adoption, but it is not the open source or UNIX mentalities that are broken. The tool just needs some time to mature.

Re:I agree

[jso888]

It strikes me as ironic that the Slashdot crowd complains about feature bloat on PC software, all the while extolling the virtues of having a gazillion switches for a single command line program.

I'm aware that I've just made a vague, sweeping generalization about just who would complain about Windows bloatware, and that I'm being slightly inflammatory. But bear with me.

My point is that both complaints really amount to criticizing the other side's mental model of How Software Should Work. Bloatware on the one hand, and having a gazillion command line switches on the other, are software developers' different approches to dealing with the same issue: meeting the needs of the user. It's just that the user they have in mind has a different profile in terms of how they expect computers should work. Strange that I should ever agree with Spolsky 100% on this.

So I stand by my characterization of the "by geeks for geeks". Switch that phrase to "by lusers for lusers", and hey presto, you're criticizing Windblows.

And that's the problem I have with this vague non-declared goal of OSS taking over the desktkop, and it's why I think losing NAI PGP is such a big deal.

You -- the Slashdot crowd "you", not the "einhverfr" you -- extol the virtues of "anyone" being able to put together a front end on top of the actual encrypt/decrypt model. Well, that's not what Joe in accounting is willing or able to do. You -- again, the Slashdot crowd "you" -- talk about the importance of encryption evangelization. Well, Joe in accounting thinks it's a pretty good idea, but can't for the life of him figure out what he needs to do to sign his Eudora-sent email in the first place.

In the end, I don't think at all that the UNIX mentality is broken, nor is Winblows' (well, not fundamentally broken, anyway).

I do think that there's a huge userbase demanding (in the economics sense) a package that will fill the gap caused by the loss of NAI PGP, or a non-MS product, or what have you.

It's just a question of whether those with the so-called UNIX mentality are willing to approach the problem from the other point of view. I'm cautiously optimistic.

Re:I agree

[jgerman]

It strikes me as ironic that the Slashdot crowd complains about feature bloat on PC software, all the while extolling the virtues of having a gazillion switches for a single command line program

I think you're missing the distinction between flexibility and "bloatware". Software only becomes bloatware when all those additional feature impede the everyday use of the software. Command line switches don't cause this problem, regardless of whether of not it's a command line Unix program or a command line Windows (I know, I know). The reason being that most command line programs use few switches for normal operations. Bloatware is usually a GUI problem. When anything and everything is configurable in a GUI it's easy to design the interface poorly so that it's difficult to do common things without all of the different options getting in the way.

There's also the problem with poor performance in bloatware, but that's more of a problem with poor coding and programmers taking the crap they heard in school "hardware is cheap so you don't need to worry about performance" as scripture. That mentality can apply equally to any software regardless of platform.

Get PGP encryption into Mozilla

[augustz]

If you have a bugzilla account, head on over to
http://bugzilla.mozilla.org/show_bug.cgi?id=22687 and vote for what is probably the singles most popular bug there is. They need a framework which allows folks to plug in something like GPG at will. Plenty of work went into trying to get somewhere without any luck.

Re:what have YOU got to hide ?

[einhverfr]

What do I regularly encrypt?

1: Financial information (bank acct transactions, credit card accounts, tax information, etc).

2: Information I need to get past the casual check (such as viruses I am analyzing for possible harm) so that my AV software or mailer won't balk at it.

3: Confidential business information.

Here is another application to Assymetric Encryption: Digital Signatures (basically encryption in reverse). I digitally sign all:

1: Confidential business information (also encrypted).
2: Security-related emails to people who depend on my security skills (and need to be able to trust that the email really came from me-- social engineering IS a real threat).

I also sign emails that contain attachments so that the reader knows that I knowingly sent them.

OK. So is this enough of a reason why Citizen Joe would need good strong public key encryption (note that symetric encryption like 3DES will NOT provide for digital signatures).

Why did they drop it in the first place...

[tcc]

I wanted to get some PGP licenses at work.

Went on their website

It was so weirdly organized, I mean you could get a "single user" license, okay cool, "i need 10 of that" wrote down the price... sent an email to get a PO

Went back a few days after, couldn't find that product, felt on the desktop security thing for buisness, ok, 5x more, wrote down the price, went to get approval, came back a day or two later, price/license switch again... couldn't find the exact same thing that I saw the day before...I just dropped it (I don't have time to waste an hour or even minutes on a badly designed website that will make me swear and kill the next person asking me for support :) ).

That's ineffective E-Commerce, and I thought it was sometime hard to find a specific download or older bulletin on microsoft's web site (and google helping more than most websites's own search engine), but this was ridiculous, not to mention all the license type and so on. If I dropped it, a lot of people probably did the same. My question is, why the heck not having something CLEAR and a decent price list, why putting things in 5+ click deep or changing stuff left and right just so the bookmarks don't work anymore and have a nightmare to find that specific thing again?

They can blame the lack of sales, but they are to blame. I mean, when I go and buy a systemworks license (to name an example), I know the price for 1, I know the price for a 5 pack, it's clear, it's constant and they don't have a gazilion difference licensing of the same thing doing the same function exept worded differently thus giving you a different result at every searches if you change a space somewhere.

All this said, it's a shame that there are not many alternatives, the freeware version does the job but the problem is "it's not legit for buisness to run this", I wonder what will happen if the product isn't sold anymore... does it make it obsolete and unavailable thus legit to use the freeware version? it does the job on the windows platform at least.

GPG has delivered for me

[kraf]

I use it to encrypt/decrypt files I don't want others to read.
And it's quite easy: gpg -c and -d .

Decline of PGP.

[juuri]

First off we sometimes use PGP for file transfers at work. We get census data, 401kdata, lots of data with special numbers in it that people should never see. Why do we use PGP at all? Because most of the older large institutions move like the slow behomths they are. They take forever to evaluate something, much less actually roll it out. Commericial PGP was great because it gave us somewhere to point these people who still require us to allow FTP for these files and other early/mid 90s transfer methods. The commercial site offered a nice packaged product, but more importantly, SUPPORT. Support is key to large companies, they buy it for everything, regardless of need.

Now why the decline? Thanks to the widespread usage of SSL and now SSH we have convinced many of these old guard companies to go with real time data that is sent over SSL connection or through SSH tunnels (or even with scp). This is great! No more pesky FTP around. Easy key management. Easy to setup and watch. Sure the data isn't as secure in transit but really if it is secure enough to give this user the data, it is secure enough to transfer it with. Of course the best thing about realtime data is we can throw it away instantly meaning there is nothing laying around for the average village idiot script kiddie to pick up.

The only downside is we have some users that actually SCP PGP encrypted files over to us. It will be a shame when that type of security has to go away because they will dump PGP the second they can't purchase support for it.

PGPFreeware? So what?

[tweakt]

Why can't you just continue to use PGPFreeware 7.02 (whatever the latest is?) It's not like they can stop you from using it. Unless it gets "broken" somehow (I doubt it).

Re:PGPFreeware? So what?

[ssimpson]

About once or twice a year a bug of security significance is uncovered in PGP (e.g. the ADK bug, the RNG on UNIX bug, the keystorage bug etc) and this would render the latest 7.02 next to useless.

Why can't people amend the source code and recompiler themselves? They don't have access to the source code.

Also remember that PGP is now very (over-) complicated and includes various drivers and kernel hooks. Every new version of an MS operating system (Win2k, WinME, WinXP) breaks compatibility.

The best current hope is the CKT builds of PGP, that are based on the 6.5.8 code. These have all known bugs fixed and still work on all Win32 operating systems. This is also the only version that is actively maintained!

Re:Why is PGP Freeware not an option?

[pkplex]

Surely there must be more reasoning behind the "(PGP Freeware is not an option, since it's tied into the Network Associates product)." qoute.

I have actually just installed PGP 7 Freeware on my NT4/Win2000 box, and was a bit worried when I saw that qoute.. I want PGP 7 Freeware to be secure. Is it not so?

Can somebody please explain ?

Outlook, and outlook alone

[coyote-san]

The problem isn't S/MIME per se. Anyone who can use OpenPGP libraries can easily use S/MIME, and vice versa. The problem is Outlook, pure and simple.

I don't remember the details, but it's been discussed on the OpenSSL lists recently. Outlook has totally dropped the ball on multi-part S/MIME messages. Because they're the 800-pound special-ed gorilla their incompetence means that few people are interested in using correctly working multi-part S/MIME tools that can't interoperate with the majority of people, while the coders understand how much damage is being done by the broken Outlook implementation and refuse to be involved in any effort that gives it credence.

I'm rarely see black hats hiding in shadows, but this is one of those exceptions. It's too easy to imagine some spook taking advantage of the fact that MS can kill the market for secure communications, while ensuring that the tools are still available for their users.

Re:i dont' think the "geek factor" is the real bar

[Chasing+Amy]

> Uh, think 9/11. Think "encryption is only used for terrorism and illegal pornography."
> Think "there's a ph@t defense contract in it for you if you make that product go away."

*Exactly*. This isn't the first, either--far more suspicious was the untimely death of the ZKS' Freedom Network, which the respected founder insisted was planned before 9/11, but which was never announced until a a short time after 9/11 and which left users with practically no advance notice. One suspects that either the founders of the Freedom network got a good talking to with some sticks and carrots, or they got worried that theyr network was or could be used by terrorists, and shut it down out of "conscience." A rebuttal was even posted here on /., but it will *always* look suspicious due to both timing and unbelievably short notice.

Encryption for the masses is exactly what the U.S. government doesn't want, because it would render their unbelievably involved Carnivore/Echelon/UKUSA electronic eavesdropping network useless if we all started seamlessly using PGP or encrypting all our traffic through Freedom servers.

It is, however, the only way we can guarantee our Constitutional rights to privacy and freedom of expression in the electronic aether. It will always be trivial to the dedicated criminal or terrorist to communicate covertly over the Net, no matter how many carnivorous hubs may be weeding through traffic. It's the little guys caught in the crossfire we have to worry about--the kind of guys who are posted about every couple of weeks on /., who get busted for writing anti-globalization websites or for other minor matters.

Face it: governments *always* want more power, and when unchecked they take it. That's why our system was deliberately created with a lot of checks and balances to impose a sort of "gridlock" to prevent sudden sweeping changes to governmental authority. 9/11 removed those deliberate obstacles and got everyone working together to impinge our freedoms with USA/PATRIOT and the FBI's larger scope for its surveillance projects and busts. People really need to start considering getting encryption integrated into everything they can, seamlessly, before they're no longer allowed to. Don't think it couldn't happen--the likelihood of the Court allowing various limited encryption bans does have a correlation with the number of people using encryption...

Geeks & Interfaces

[maggard]

NAI PGP for Windows was a good program?! Show me one average person who ever felt it was a slam-dunk. You know, not the ones who read /. but those that had to install it for some reason, were given this fool thing and a sheet of local instructions and told "install this" and weren't found trembling under their desk 3 days later with a pooched PC.

Ech.

Some great concepts but still a cranky idiosyncratic bastard of a program. Trivial to use? Sure, after reading far too many poorly written manual pages. Easy to interact with? When it didn't hopelessly mangle what it was supposed to secure (we didn't want one-way!) Integrated - as long as you didn't do this or that or...

Look, you want a well integrated NAI program look at how NAV interacts with Outlook. Yeah it's a big pig and lots of folks hate it but to the user it's *not an issue*. It scans for nasties. It scans incoming & it scans outgoing. It can be configured with a few clicks in a clean interface written in simple language. It just works.

Personally I ask any ambitious developer to take the same strategy NAI does for NAV and don't try to build yourself into the apps and instead become a proxy. I'd love a local PGP proxy app that my mail could go through. The only interface I'd need would be a tiny plug-in to set a header on messages for the proxy to read and act on. That sort of plugin should be simple enough to write for all of the popular email apps, let the engine remain consistant across everything.

With how to talk to the engine simplified then the effort can be moved to making PGP as an installation easier, more intuitive, and less of a jerk. For one thing default to a minimal install, go the install-on-demand route if need be, but DON'T dump a half-dozen applications into a system by default. Firewalls and VPNs are lovely but make sure the customer knows what they're getting into first, leave it as a second phase install by default. Plug-ins? Drop folks to a web-page where plugs for each app can be listed. Include some default plugs in the install for the most common uses but still encourage the ambitious to check out the newer/more featureful/not-in-the-distrib versions.

Finally, why isn't there yet a standard for PGP-certifying and/or encoding web-pages?

Re:Why is PGP Freeware not an option?

[Chasing+Amy]

Umm, PGP isn't *exactly* closed-source--only the latest versions 7.x truly are. Up through 6.5.8 the source is available free for non-commercial use according to its own license. http://www.pgpi.org/ for details and source code. In fact, most PGP fans don't use version 7 precisely because the code hasn't been released and reviewed yet, while many of the earlier builds have undergone a good deal of scrutiny.

In fact, there are several unofficial forks. I myself use 6.0.2ckt Build 07 from http://www.ipgpp.com/ , which seems to be popular with a lot of folks. The real hardcore PGP zealots are still using 2.6.x branches. Personally, I have no idea what the submitter of the story was thinking when he used that phrase. Most PGP users will continue to use PGP, and if bugs are found they will be fixed, just as the unofficial 6.0.2ckt version has gone through 7 build releases as has 6.5.8ckt. If a bug is found, someone will fix it, no problem.

Encrypted email will arrive

[karlm]

...as soon as AOL decides it makes business sense to integrate it.

I sign nearly all of my outgoing emails, but seriously, encryption will remain a geek toy until AOL or another big player decides to provide public key infrastructure (PKI, keys signed by eidey trusted authorities, or sufficiently many people that are minimally seperated from you) for its users. There are plenty of GUI encryption email clients out there. I believe there's a GPG plugin for Eudora. However, finding your friend's public key is hte big problem right now. Once everyone's ISPs ste[ in and sign the user's keys and proide key servers, then signed and encrypted email will be the norm. After a short bit, you will be able to filter out SPAM by doing good checks on signatures, or prosecuting those spammers that actually sign their emails with valid and registered keys. Encryption will also greatly increase CPU demands for mass emailing. This is why ISPs will like crypto: it deters spam and reduces thier bandwidth requirements. The big question is: how long will it take for a major ISP to start providing PKI.

Key generation isn't hard. Once AOL starts signing all of their users' public keys, then it will be common practice for you email client to go the all of the recipients' ISPs, verify their Verisign certificate, and verify theirsignature on the user's public key, then encrypt everything at transmit time.

Key generation isn't all that tough. Nearly everyone trusts Verisign.

Outlook plugin

[Moritz+Moeller+-+Her]

Here is the gpg Outlook plugin, German and English version:
http://www3.gdata.de/gpg/download.html

There is a very good frontend available right now!

[calle42]

Go to www.gnupp.org, home of the GNU Privacy Project. GnuPP is (currently) only for Windows and consists of an easy installer for GPA, GPG and WinPT. This is being sponsored by the German government (like GnuPG itself too), fully GPL'ed, and at least for us Germans, there's a good manual available from the Wirtschaftsministerium too. Anybody can order it for _free_. They gave printed documentations including an installer CD away for free at CeBIT. Anybody who can get this, should. The page there is still in German, but there's an english version of GnuPP too.

Non-geeks had trouble with NAI PGP

[ssimpson]

Often people say that "GPG needs a frontend before non-geeks can use it". That point is probably true, but even though NAI PGP has had a "mature" GUI based front end for several revisions, normal users are still incapable of getting their head around creating keys, the difference between public and private keys, the difference between signing and encryption etc etc.

A usability study was undertaken by researchers at Carnegie Mellon in which they found that virtually 0 non geeks managed to use PGP successfully anyway.

Sure, OpenPGP based programs need to achieve better reach, but simply copying the NAI PGP design won't achieve this goal....

GPG and MacGPG

[ReadParse]

I'm one of those many recent OS X converts who just bought my first Mac, after years of having used Unix and Windows.

PGP is something I've played with over the years, like a lot of geeks, but never used religiously. But I decided a few months ago that it was something I should start using regularly, so I sought out a mail client with built-in PGP (or variant) support. I found a neat little (non-free) Windows e-mail client called The Bat! (that's their exclamation point, not mine), which had not only built-in support, but you can configure it to use PGP, GnuPG, and even their own OpenPGP implementation. That and many other cool features persuaded me to buy that e-mail client, after which time I decided to throw the switch and begin signing all e-mail that I send.

Along the way I discovered WinPT (Windows Privacy Tray), which is a decent little frontend for GPG. Remember, GPG is a backend -- how you interface with it is up to you.

The came my Titanium PowerBook. I got it for all the reasons mentioned around Slashdot and elsewhere, but I didn't really expect to find cool things like a good GPG frontend, let alone e-mail with GPG support. Boy was I wrong! I went to the GPG site and found a link to the Mac GPG site, which ports GPG to OS X. Not only the backend, but a frontend that integrates with the "Finder" (that's Mac-speak for the "Explorer" equivalent), right in the "Services" menu (which is much like the global right-click menu in Windows Exploror.

But that's not all! I saw further down on the same page that somebody else has written an extension to the OS X default mail client (which ain't as bad as you might think) that provides very good GUI GPG support for mail.

So, even though switching over to the Mac isn't the easiest thing in the world (I say that as I sit here typing on my Windows machine for reasons I won't go into), I can say that GPG is among the least of my problems.

RP