Moxie Marlinspike: GPG Has Run Its Course
An anonymous reader writes: Security researcher Moxie Marlinspike has an interesting post about the state of GPG-encrypted communications. After using GPG for much of its lifetime, he says he now dreads getting a GPG-encrypted email in his inbox. "Instead of developing opinionated software with a simple interface, GPG was written to be as powerful and flexible as possible. It's up to the user whether the underlying cipher is SERPENT or IDEA or TwoFish. The GnuPG man page is over sixteen thousand words long; for comparison, the novel Fahrenheit 451 is only 40k words. Worse, it turns out that nobody else found all this stuff to be fascinating. Even though GPG has been around for almost 20 years, there are only ~50,000 keys in the "strong set," and less than 4 million keys have ever been published to the SKS keyserver pool ever. By today's standards, that's a shockingly small user base for a month of activity, much less 20 years." Marlinspike concludes, "I think of GPG as a glorious experiment that has run its course. ... GPG isn't the thing that's going to take us to ubiquitous end to end encryption, and if it were, it'd be kind of a shame to finally get there with 1990's cryptography."
Blame Google for not implementing it in Gmail -- Then they wouldn't be able to get ad revenue and user metrics from their "free" email service.
Blame MS for not integrating it into Outlook, but why would we expect MS to actually want security in any of their products?
Blame Mozilla for the creaky plugin and cumbersome import/export publish keys interface in Thunderbird, and support for SMIME over GPG by default.
Blame the users mostly for not giving a fuck about encryption.
Personally, I don't give a fuck. Most people don't care about encryption but the ones that do, do. Some take the time to set up GPG with an email client and it actually works quite well despite my complaints about the clunky interfaces.
I can tell you this much: Fuck publishing ANY open source software without signed and verified GPG signatures. You better have a replacement for the "experiment" that's securing the world's biggest open source projects source code, buddy, or you can GTFO for being a sensationalist maroon.
TL;DR: People who need GPG use GPG. Those that don't give a fuck don't give a fuck. Seriously, if the average person can figure out how to use the bullshit set-top box with horrible remote control interfaces, they COULD use GPG if they wanted to, but they don't.
This isn't entirely a mystery. For a technology to be widely adopted, it needs to be easy for everyone and provide demonstrable benefits. OR, it needs to provide benefits for a business who already has your custom. And there we begin to see the problem. There are two massive disincentives:
- Crypto doesn't play well with webmail
- Encrypted email can't be scanned for advert keywords
So you will never see the likes of Google or Microsoft championing this. Apple - just maybe, as they would rather promote devices, and I gather they actually DO have decent end to end crypto on iMessage and so on. But even then, it's VERY hard to do in a way that customers would actually appreciate. No-one wants to get email working 95% of the time. It needs to be 100%. If you can't read 5% of your email, you're in trouble. Or you can't read email on the 5% of time that you need to access from a borrowed PC.
It seems to me that the keys to making this work are:
- Concentrate on signing before crypto. Get banks to sign email. Have different security levels; get to a stage where by default, only signed email will download embedded images, make links clickable without a warning, etc.
- Find a way to make it work with webmail. Can we do this with JS? Or do we need browser support? End to end crypto would require a way for a part of a page to be sandboxed, accept a secret to decrypt your keys, and not allow the plaintext info out. End to end signing is a little easier. This might also include retrieving the private keys from a distinct cloud service.
- Solve the centralized trust issue. Probably derive a format from S/MIME rather than GPG for email, but critically, signing of certs needs a community trust system so you can see who trusts who, and people can get their identities signed by people they know.
Finally, if that's widely deployed for signing then people can begin to encrypt with a hope of the other end being able to decrypt.
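A sketch of the graded "signed mail gets more privileges" policy proposed in the comment above, added here as an example and not the commenter's code: it classifies the machine-readable status lines GnuPG emits with `--status-fd` while verifying a signature (GOODSIG, VALIDSIG, BADSIG, TRUST_*), which is the real gpg format; the sample status output, key id, fingerprint and the "known sender" fingerprint list are constructed for this example. The point it makes is that a bare GOODSIG is not enough: images and live links are enabled only when the signing key's fingerprint is one the client already knows and gpg reports it as fully or ultimately trusted.

```python
import re
from dataclasses import dataclass

# Constructed sample of gpg "--status-fd" output for a successfully verified
# message; the key id, fingerprint and user id are made up for this example.
SAMPLE_STATUS = """\
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 0123456789ABCDEF Example Bank <alerts@bank.example>
[GNUPG:] VALIDSIG 1111222233334444555566667777888899990000 2015-02-24 1424793600 0 4 0 1 10 00 1111222233334444555566667777888899990000
[GNUPG:] TRUST_FULLY 0 pgp
"""

# Assumed local policy: fingerprints of senders the client has chosen to trust.
KNOWN_FINGERPRINTS = {"1111222233334444555566667777888899990000"}

@dataclass
class RenderPolicy:
    level: str            # "signed-known", "signed-unknown", "unsigned", "bad-signature"
    load_images: bool
    clickable_links: bool

STATUS_RE = re.compile(r"^\[GNUPG:\] (\S+)(?: (.*))?$")

def classify_status(status_text, known_fingerprints=KNOWN_FINGERPRINTS):
    """Map gpg status lines to a rendering policy. Only mail whose signature
    verifies (GOODSIG + VALIDSIG) under a known, fully trusted key gets images
    and live links; a bad signature is flagged; anything gpg could not verify
    (no signature, unknown key, expired or revoked key) is treated as unsigned."""
    good_keyid = valid_fpr = None
    bad = False
    trust = "TRUST_UNDEFINED"
    for line in status_text.splitlines():
        m = STATUS_RE.match(line)
        if not m:
            continue
        keyword, args = m.group(1), (m.group(2) or "").split()
        if keyword == "GOODSIG":
            good_keyid = args[0]          # long key id of the signing key
        elif keyword == "BADSIG":
            bad = True                    # signature present but does not verify
        elif keyword == "VALIDSIG":
            valid_fpr = args[0]           # full fingerprint of the signing key
        elif keyword.startswith("TRUST_"):
            trust = keyword               # web-of-trust verdict for that key
    if bad:
        return RenderPolicy("bad-signature", False, False)
    if good_keyid is None or valid_fpr is None:
        return RenderPolicy("unsigned", False, False)
    if valid_fpr in known_fingerprints and trust in ("TRUST_FULLY", "TRUST_ULTIMATE"):
        return RenderPolicy("signed-known", True, True)
    return RenderPolicy("signed-unknown", False, False)
```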