Can GnuPG Deliver?

jso888 writes "After Network Associates decided to halt further development of PGP, I'm sure that many users like myself who use non-CLI platforms most of the time, wondered "what next?" (PGP Freeware is not an option, since it's tied into the Network Associates product). Salon today has a nice article on GnuPG, the Open PGP/GNU alternative. The article highlights one of the problems with Open Source software today: its "by the geek, for the geek" nature, which by and large places barriers to mass adoption of OSS, especially important capabilities like personal encryption. One of the nice things about NAI PGP was its ease of use and commercial polish. It was easy to install and use, and integrated nicely with Windows software like Eudora and ICQ. GnuPG, admittedly, isn't quite there yet, the article concludes. That's too bad; given the privacy-hostile world we live in, the last thing we need is another barrier to widespread cryptography adoption."

What's holding back security

No one is building encryption or other security measures directly into products.

Encryption by itself is too difficult and esoteric for normal users. If you want to see it spread, make it easy to use and easy to understand.

Re:What's holding back security

[mlk]

SMIME, and Outlook.
It's dam easy to set up and free to get a key (and a nice button on Outlook).
No, the reason people don't use it is there is little point, not even my BANK recomends sending emails with personal data encripted!

(alas not all email clients or mail servers support S/MIME yet)

Re:What's holding back security

[psamuels]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I don't mean to sound elitist (ok, maybe I do) but....

Easy to use is what its all about. People who say things like PGP are easy to use for the average user are dreaming(and when I say average Im talking about grandma here). What you want is something that integrates seemlessly and is extremely esy to setup and configure.

The problem is that PKI is not easy. Key exchange is relatively easy, sure - just have the application upload and download from a keyserver. But what about key signing, and the web of trust? How do you make that part easy? To maintain security, users must understand exactly how the process works. Signing a key is a multi-step process and each step must be done with regard to absolute security. I can't imagine how you could wrap the web of trust into a slick GUI without completely negating the point.

And what about key revocation? Do you really think that when an office worker moves from one department to another, and gets a new computer, that he will think to copy his private key to a floppy and delete it from his original computer? Or, failing that, will he issue a revocation certificate when he realises that someone else now has access to the private key? For that matter, will he encrypt the private key so that he has to type a passphrase every time he accesses it?

These are not things you can easily abstract away. The user must understand the whole process, or he will never get it right. In turn, not getting it right would dilute the web of trust. And remember, the users we're talking about are the same ones who fail to understand why you don't just launch untrusted applications out of your e-mail, and why your password really needs to be at least five characters long. Does anyone think the average corporate user will have any grasp at all on how and why to use PKI in the way it was designed (i.e. securely)?

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8oxyBXk7sIRPQRh0RAm/RAKC1wm0wzc/WH+vyRrC5dd b0hcKENgCeO5rH
WjQJECmQ2hIL5axm0jo0lOU=
=CuR1
-----END PGP SIGNATURE-----

Try the many front ends

[mlk]

http://www.gnupg.org/frontends.html

WinPT is quite good.
http://www.winpt.org/

But I've only found one "free software" package which is up to scrach with it's windows counterparts (in easy to install etc), and thats Apache Tomcat, and that needs some work. :)

Ahh well, maybe one day.

Re:Try the many front ends

[Llanfairpwllgwyngyll]

The front end doesn't solve the problem that *corporate* users face.

GnuPG doesn't support ADKs (additional decryption keys). A lot of people don't LIKE the whole idea of ADKs. But look at it calmly. I would NOT have an ADK in my personal PGP key under any circumstances. But the PGP key I use for work - that has a designated revoker (so if I'm sacked the key can be revoked without my cooperation), and an ADK that *requests* (it cannot enforce) that items encrypted to my work PGP key can be read by one of our Corporate PGP keys (whose use is very highly controlled - and is held split anyway).

I have encrypted disk partitions - but if I'm hit by a bus, the Corporate disk ADK can recover the data that belongs to the business.

GPG doesn't inherently support key splitting, or disk partition encryption. The key splitting allows proper auditable control over particularly powerful keys. For example, our Root Corporate Signing Key is split amongst 8 trustworthy people and at least 4 of those 8 must cooperate to bring that key together for use.

GPG is great, but it won't replace PGP in the Corporate setting (where it is used a lot more than you might expect...) even WITH a nice frontend until it can support such features. I look forwards to the time when it does!

A business cannot risk losing access to data which is encrypted, so these facilities are required.

Re:secrets and PGP

[theNote]

Good email clients will automatically check the signature for you and display the identity verification.
So, yes, in a way I check them all the time.

Re:secrets and PGP

[ilcylic]

The point isn't whether you have secrets now, it's whether you'll ever have secrets. If you only send one encrypted email, and "someone" is watching, they know to devote all of their effort to breaking that one message. It's not a matter of "having secrets to protect", it's a matter of ideologically being a thorn in the side of people who want to be able to read your email.

The other point is that it's better to use encryption because you can. It's like always using ssh, instead of "just when you don't want someone to snoop your connection". Use encryption all the time, because protecting your privacy is always a good thing.

-il cylic

Make it Seamless, Silly.

[Above]

I use gnupg. Not a lot, but with a few people who have it set up right I can just exchange PGP messages without really doing anything, which is the way it must be.

I have tried many, many products to do PGP, and they all have problems. Even GPG with my favorite mailer had some fairly big setup hurdles. Fortunately once I cleared them it was relatively easy. I can only imagine that grandma is never going to use it at the current state of integration.

PGP functionality needs to work perfectly with mailers. You enter a pass phrase, and it just works. Until that happens the masses are not going to use PGP. This is imporant. If it were that easy, 90% of e-mail could be PGP encrypted, by default no questions asked. You can get there now, but only if you know a lot about PGP, and communicate with people in the same boat.

I agree

[einhverfr]

The UNIX mentality, as far as I can tell, has quite a bit to do with building modular, scriptible components. GPG is no exception-- it comes with TONS of switches, only a few of which are likely to be used on a regular bases.

While some people characterize this as "by geeks for geeks" I don't think that is really the case. Having an extensible, scriptible component makes it REALLY EASY to build whatever frontend you want with whatever capabilities you want, and it also means that one can have the same capabilities available from a script.

Now, I agree that GPG is not yet ready for widespread adoption, but it is not the open source or UNIX mentalities that are broken. The tool just needs some time to mature.

Re:I agree

[jso888]

It strikes me as ironic that the Slashdot crowd complains about feature bloat on PC software, all the while extolling the virtues of having a gazillion switches for a single command line program.

I'm aware that I've just made a vague, sweeping generalization about just who would complain about Windows bloatware, and that I'm being slightly inflammatory. But bear with me.

My point is that both complaints really amount to criticizing the other side's mental model of How Software Should Work. Bloatware on the one hand, and having a gazillion command line switches on the other, are software developers' different approches to dealing with the same issue: meeting the needs of the user. It's just that the user they have in mind has a different profile in terms of how they expect computers should work. Strange that I should ever agree with Spolsky 100% on this.

So I stand by my characterization of the "by geeks for geeks". Switch that phrase to "by lusers for lusers", and hey presto, you're criticizing Windblows.

And that's the problem I have with this vague non-declared goal of OSS taking over the desktkop, and it's why I think losing NAI PGP is such a big deal.

You -- the Slashdot crowd "you", not the "einhverfr" you -- extol the virtues of "anyone" being able to put together a front end on top of the actual encrypt/decrypt model. Well, that's not what Joe in accounting is willing or able to do. You -- again, the Slashdot crowd "you" -- talk about the importance of encryption evangelization. Well, Joe in accounting thinks it's a pretty good idea, but can't for the life of him figure out what he needs to do to sign his Eudora-sent email in the first place.

In the end, I don't think at all that the UNIX mentality is broken, nor is Winblows' (well, not fundamentally broken, anyway).

I do think that there's a huge userbase demanding (in the economics sense) a package that will fill the gap caused by the loss of NAI PGP, or a non-MS product, or what have you.

It's just a question of whether those with the so-called UNIX mentality are willing to approach the problem from the other point of view. I'm cautiously optimistic.

Re:I agree

[jgerman]

It strikes me as ironic that the Slashdot crowd complains about feature bloat on PC software, all the while extolling the virtues of having a gazillion switches for a single command line program

I think you're missing the distinction between flexibility and "bloatware". Software only becomes bloatware when all those additional feature impede the everyday use of the software. Command line switches don't cause this problem, regardless of whether of not it's a command line Unix program or a command line Windows (I know, I know). The reason being that most command line programs use few switches for normal operations. Bloatware is usually a GUI problem. When anything and everything is configurable in a GUI it's easy to design the interface poorly so that it's difficult to do common things without all of the different options getting in the way.

There's also the problem with poor performance in bloatware, but that's more of a problem with poor coding and programmers taking the crap they heard in school "hardware is cheap so you don't need to worry about performance" as scripture. That mentality can apply equally to any software regardless of platform.

Get PGP encryption into Mozilla

[augustz]

If you have a bugzilla account, head on over to
http://bugzilla.mozilla.org/show_bug.cgi?id=22687 and vote for what is probably the singles most popular bug there is. They need a framework which allows folks to plug in something like GPG at will. Plenty of work went into trying to get somewhere without any luck.

Re:what have YOU got to hide ?

[einhverfr]

What do I regularly encrypt?

1: Financial information (bank acct transactions, credit card accounts, tax information, etc).

2: Information I need to get past the casual check (such as viruses I am analyzing for possible harm) so that my AV software or mailer won't balk at it.

3: Confidential business information.

Here is another application to Assymetric Encryption: Digital Signatures (basically encryption in reverse). I digitally sign all:

1: Confidential business information (also encrypted).
2: Security-related emails to people who depend on my security skills (and need to be able to trust that the email really came from me-- social engineering IS a real threat).

I also sign emails that contain attachments so that the reader knows that I knowingly sent them.

OK. So is this enough of a reason why Citizen Joe would need good strong public key encryption (note that symetric encryption like 3DES will NOT provide for digital signatures).

Why did they drop it in the first place...

[tcc]

I wanted to get some PGP licenses at work.

Went on their website

It was so weirdly organized, I mean you could get a "single user" license, okay cool, "i need 10 of that" wrote down the price... sent an email to get a PO

Went back a few days after, couldn't find that product, felt on the desktop security thing for buisness, ok, 5x more, wrote down the price, went to get approval, came back a day or two later, price/license switch again... couldn't find the exact same thing that I saw the day before...I just dropped it (I don't have time to waste an hour or even minutes on a badly designed website that will make me swear and kill the next person asking me for support :) ).

That's ineffective E-Commerce, and I thought it was sometime hard to find a specific download or older bulletin on microsoft's web site (and google helping more than most websites's own search engine), but this was ridiculous, not to mention all the license type and so on. If I dropped it, a lot of people probably did the same. My question is, why the heck not having something CLEAR and a decent price list, why putting things in 5+ click deep or changing stuff left and right just so the bookmarks don't work anymore and have a nightmare to find that specific thing again?

They can blame the lack of sales, but they are to blame. I mean, when I go and buy a systemworks license (to name an example), I know the price for 1, I know the price for a 5 pack, it's clear, it's constant and they don't have a gazilion difference licensing of the same thing doing the same function exept worded differently thus giving you a different result at every searches if you change a space somewhere.

All this said, it's a shame that there are not many alternatives, the freeware version does the job but the problem is "it's not legit for buisness to run this", I wonder what will happen if the product isn't sold anymore... does it make it obsolete and unavailable thus legit to use the freeware version? it does the job on the windows platform at least.

Decline of PGP.

[juuri]

First off we sometimes use PGP for file transfers at work. We get census data, 401kdata, lots of data with special numbers in it that people should never see. Why do we use PGP at all? Because most of the older large institutions move like the slow behomths they are. They take forever to evaluate something, much less actually roll it out. Commericial PGP was great because it gave us somewhere to point these people who still require us to allow FTP for these files and other early/mid 90s transfer methods. The commercial site offered a nice packaged product, but more importantly, SUPPORT. Support is key to large companies, they buy it for everything, regardless of need.

Now why the decline? Thanks to the widespread usage of SSL and now SSH we have convinced many of these old guard companies to go with real time data that is sent over SSL connection or through SSH tunnels (or even with scp). This is great! No more pesky FTP around. Easy key management. Easy to setup and watch. Sure the data isn't as secure in transit but really if it is secure enough to give this user the data, it is secure enough to transfer it with. Of course the best thing about realtime data is we can throw it away instantly meaning there is nothing laying around for the average village idiot script kiddie to pick up.

The only downside is we have some users that actually SCP PGP encrypted files over to us. It will be a shame when that type of security has to go away because they will dump PGP the second they can't purchase support for it.

Re:secrets and PGP

[tftp]

igning e-mails sounds more like a liability than anything else.

One day someone receives an email from his parents, asking for urgent money transfer because of some disaster; the bank account is provided. The guy goes to the bank and transfers almost all he has.

A week later this person might be very upset that he did not demand a digital signature on the email because his parents never sent him any requests for money, are in perfect health and have no idea whose bank account it was...

Outlook, and outlook alone

[coyote-san]

The problem isn't S/MIME per se. Anyone who can use OpenPGP libraries can easily use S/MIME, and vice versa. The problem is Outlook, pure and simple.

I don't remember the details, but it's been discussed on the OpenSSL lists recently. Outlook has totally dropped the ball on multi-part S/MIME messages. Because they're the 800-pound special-ed gorilla their incompetence means that few people are interested in using correctly working multi-part S/MIME tools that can't interoperate with the majority of people, while the coders understand how much damage is being done by the broken Outlook implementation and refuse to be involved in any effort that gives it credence.

I'm rarely see black hats hiding in shadows, but this is one of those exceptions. It's too easy to imagine some spook taking advantage of the fact that MS can kill the market for secure communications, while ensuring that the tools are still available for their users.

Geeks & Interfaces

[maggard]

NAI PGP for Windows was a good program?! Show me one average person who ever felt it was a slam-dunk. You know, not the ones who read /. but those that had to install it for some reason, were given this fool thing and a sheet of local instructions and told "install this" and weren't found trembling under their desk 3 days later with a pooched PC.

Ech.

Some great concepts but still a cranky idiosyncratic bastard of a program. Trivial to use? Sure, after reading far too many poorly written manual pages. Easy to interact with? When it didn't hopelessly mangle what it was supposed to secure (we didn't want one-way!) Integrated - as long as you didn't do this or that or...

Look, you want a well integrated NAI program look at how NAV interacts with Outlook. Yeah it's a big pig and lots of folks hate it but to the user it's *not an issue*. It scans for nasties. It scans incoming & it scans outgoing. It can be configured with a few clicks in a clean interface written in simple language. It just works.

Personally I ask any ambitious developer to take the same strategy NAI does for NAV and don't try to build yourself into the apps and instead become a proxy. I'd love a local PGP proxy app that my mail could go through. The only interface I'd need would be a tiny plug-in to set a header on messages for the proxy to read and act on. That sort of plugin should be simple enough to write for all of the popular email apps, let the engine remain consistant across everything.

With how to talk to the engine simplified then the effort can be moved to making PGP as an installation easier, more intuitive, and less of a jerk. For one thing default to a minimal install, go the install-on-demand route if need be, but DON'T dump a half-dozen applications into a system by default. Firewalls and VPNs are lovely but make sure the customer knows what they're getting into first, leave it as a second phase install by default. Plug-ins? Drop folks to a web-page where plugs for each app can be listed. Include some default plugs in the install for the most common uses but still encourage the ambitious to check out the newer/more featureful/not-in-the-distrib versions.

Finally, why isn't there yet a standard for PGP-certifying and/or encoding web-pages?

Re:Why is PGP Freeware not an option?

[Chasing+Amy]

Umm, PGP isn't *exactly* closed-source--only the latest versions 7.x truly are. Up through 6.5.8 the source is available free for non-commercial use according to its own license. http://www.pgpi.org/ for details and source code. In fact, most PGP fans don't use version 7 precisely because the code hasn't been released and reviewed yet, while many of the earlier builds have undergone a good deal of scrutiny.

In fact, there are several unofficial forks. I myself use 6.0.2ckt Build 07 from http://www.ipgpp.com/ , which seems to be popular with a lot of folks. The real hardcore PGP zealots are still using 2.6.x branches. Personally, I have no idea what the submitter of the story was thinking when he used that phrase. Most PGP users will continue to use PGP, and if bugs are found they will be fixed, just as the unofficial 6.0.2ckt version has gone through 7 build releases as has 6.5.8ckt. If a bug is found, someone will fix it, no problem.

Encrypted email will arrive

[karlm]

...as soon as AOL decides it makes business sense to integrate it.

I sign nearly all of my outgoing emails, but seriously, encryption will remain a geek toy until AOL or another big player decides to provide public key infrastructure (PKI, keys signed by eidey trusted authorities, or sufficiently many people that are minimally seperated from you) for its users. There are plenty of GUI encryption email clients out there. I believe there's a GPG plugin for Eudora. However, finding your friend's public key is hte big problem right now. Once everyone's ISPs ste[ in and sign the user's keys and proide key servers, then signed and encrypted email will be the norm. After a short bit, you will be able to filter out SPAM by doing good checks on signatures, or prosecuting those spammers that actually sign their emails with valid and registered keys. Encryption will also greatly increase CPU demands for mass emailing. This is why ISPs will like crypto: it deters spam and reduces thier bandwidth requirements. The big question is: how long will it take for a major ISP to start providing PKI.

Key generation isn't hard. Once AOL starts signing all of their users' public keys, then it will be common practice for you email client to go the all of the recipients' ISPs, verify their Verisign certificate, and verify theirsignature on the user's public key, then encrypt everything at transmit time.

Key generation isn't all that tough. Nearly everyone trusts Verisign.