The whole design of PGP is to be the envelope to make email private, versus the plaintext postcard that everybody can read. It works with existing servers and existing mail clients.
The biggest Snowden revelation is the importance of metadata. Just knowing whom you talk to, when, is frequently enough to compromise the parties involved. You might be doing something legal now, but you can’t tell when some despot takes over and makes your activity illegal. When data can potentially last your lifetime, you need to consider this sort of thing. Illustration: Using Metadata to find Paul Revere. [1]
So, we need a new mail transmission protocol that limits the amount of metadata that can be seen. Something like Dark Mail [2]. I don’t think Open Whisper Signal hides the metadata.
The problem is that Dark Mail needs to be developed and its security reviewed, and people need to adopt it. It needs new servers and clients, and the prevalence of Windows shows just how difficult that problem is. Also, any new messaging program these days needs a story about web and mobile.
In practice, I heard someone say that the biggest improvement in people’s privacy has been use of Gmail. The clients connect to it with SSL certificates controlled by Google; Google promotes 2-factor authentication and access tokens; and Google’s legal team challenges subpoenas. As long as you are not leaking national security secrets, I think this is adequate until a better system is deployed.
> In practice, I heard someone say that the biggest improvement in people’s privacy has been use of Gmail.
In practice, until Snowden happened, NSA was able to access all the Google's internal data as Google replicated in plaintext its whole datacenters through the links snooped by the NSA or the GCHQ.
I think of it like this: usability can be a security feature.
If you build a "perfectly secure" piece of software, but it takes a very high level of skill to use it, your users will use something else that is easier to use, but less secure. And then how has your ideologically perfect piece of software helped improve their security?
If you make tradeoffs for usability, you will raise the bar because people will actually use what you make.
For instance, Apple's fingerprint reader is not secure because with enough work you can make a mold of somebody's print and fool it. Except now virtually everybody with an iPhone has it set up so that in practice nobody else can access their phone.
Another thing is key generation. Encryption people demand perfect randomness for the key generation, and that means the key is this crucial piece of data that must be perfectly protected and copied about. That's unusable for most people. Instead, pick the key from 1 billion derived from a user's password. If they use a different computer, or reinstall their OS, or whatever reason then the software just takes a while to try each billion until it finds the one that works.
Or encrypted email. For perfect security you need a safe way to exchange keys beforehand and all kinds of trouble. No. Just have software attach your public key in unencrypted email to recipients. If you receive an email with somebody else's public key then the software starts encrypting to them using it. It's insecure in so many ways, but it would mean the majority of email being encrypted and if done right with almost no impact to the user (password-derived keys, password change automatically sending yourself a new-key-encrypted email with the old key, etc).
Security people need to stop seeing things in black and white. Something can be insecure and "broken", yet still raise the overall level security.
That's the exact line of thinking our lab has been on. Security<-->usability is a tradeoff, and PGP seems to sit too far on the secure end of the spectrum to be useful to most users. We're working on a way to deliver progressively enhanced security, while onboarding less technical users with more usable features.
Fork Thunderbird or some such client, also make a web client available. Make a new service which offers only encrypted e-mail by default (with a new e-mail address that includes e-mail hosting for your own domain) and provides the key server and everything else. Advertise it as something different from e-mail like encrypted e-mail. Set a new precedent, create a new industry.
I see two major barriers to mass adoption of any crypto system that requires a UI.
1. Abstraction. For the non-expert, the only metaphor that works for PKI is that of physical security. The concept of a "key" as a series of characters or a file that must be protected must be replaced by an abstraction that allows users to protect it in the same way they understand how to protect a key or a wallet.
So long as the "key" continues to appear to be an enormous password, people will continue to treat it that way, along with all the crazy worst-practices in the world. Not to mention the huge host of problems that accompanies key security for the layman.
I don't know what the answer is, but I do think that a physical token of some sort is the right start.
2. At the end of the day, the vast majority of people are not interested in the trade off between better security and convenience.
There is a learning curve, however shallow it can be made, and those that genuinely want or need better security are motivated enough to do the learning. For everyone else, it's like optional homework.
I would add to this that most everyone I know who cares about security is quite comfortable with a large array of APIs and software to do all sorts of cryptographic gymnastics. The bar is quite low already -- it has been for some time, IMO.
>We present the user with four items, a key, lock, seal and imprint. The key
and lock serve the purposes of encryption: Alice distributes her locks as
widely as possible so that others can send her messages that only she
can open with her key. Similarly, the seal and imprint handle signing:
Alice passes out copies of her imprint so others can verify her as the sender
of messages she has stamped with her seal. Collected together, we refer to
these four items as a toolkit this abstraction handles the contingency where
a user loses her key but not her seal: we insist that the toolkit represents
an indivisible unit that must be replaced whenever any element is lost.
> 1. Abstraction. For the non-expert, the only metaphor that works for PKI is that of physical security. The concept of a "key" as a series of characters or a file that must be protected must be replaced by an abstraction that allows users to protect it in the same way they understand how to protect a key or a wallet.
I've been using GPG since a while now, to sign my outgoing mail. I don't encrypt it as I don't know anyone who uses GPG. I'm still happy to use it, to get used to it, and to see alternative uses. Signing is in my view a big improvement, to make sure nobody has messed with the messages. I always use HTML, so the receiver gets an attachment with the signing hash in it, and no strange text in the mail. I use a signature with a link to my public key and a link to the PGP page on Wikipedia. Everybody can read my mail, and if they want they can validate it.
I agree that some terminology could make it easier. I think "key" is an ok choice for the private key, but for the public key I think there could be a better analogy. Calling them the same thing is a bit confusing and people don't understand that one of them you give away, while the other is confidential.
When I explain it to people I tell them that their public key is like an unlocked lockbox that you give people into which they can put a private message. They can close the box to lock it, but once they shut the box only you have the key to open it.
It's not a great analogy but it seems to me that the public key does not make sense as a "key" to the average person.
Real secure encryption is and always will be not user friendly because it means only you can know the private key. This means no "Forgot my password" functionalities, no fancy powerful cloud AI analyzing your data and suggesting cool stuff, no free hosted full text search of your data, no open directory of friends to search on etc. So basically, no gmail, icloud, facebook, dropbox etc. It would require a complete new paradigm, sure there are interesting techs such as ethereum and bitcoin but they are not user friendly, and don't scale much to the regular user (downloading the whole blockchain is a no-no to most people for example) but most importantly, current solutions are too convenient and work really well (bar privacy and security issues most don't care about). So you'd need a tech that not only is way better, more efficient and smarter than current ones (gmail, google, facebook, icloud etc) but also secure and decentralized. Not happening any time soon but hopefully not impossible either.
Because I have no interest in memorizing keys, I store them on disk protected by a passphrase. I don't know if this counts as "Real secure encryption" but it's sure a lot more secure than more typical use of email.
I think it's easy to pick on a weak example, but much progress has been made since the original "Why Johnny Can't Encrypt".
A recent example: Textsecure / Signal has been very, very smooth for me and I doubt it'd be much more difficult for laypeople either: https://whispersystems.org/
Although, like mentioned in above comments, Signal does not hide metadata, which can be as valuable to attackers as the contents of the messages themselves.
Also, in terms of adoption, it's still hard when everyone has phones that use iMessage or SMS by default. iMessage is end-to-end encrypted, but not compatible with Signal, and Android has no equivalent baked in. Using Signal requires two extra steps for the user 1) downloading/installing Signal 2) knowing about it and caring enough to use it in the first place.
PGP does have a legitimate use case, namely Edward Snowden: he's technical, the NSA is his main threat vector, and it makes sense for him to spend lots of time reasoning about the web of trust, signing keys, double-checking fingerprints, and creating 12-minute explainer-videos for people he needs to communicate with (for reference: https://vimeo.com/56881481).
Here's the problem: not everyone needs the stringent encryption guarantees that Snowden needed. There is value in crypto systems that are less demanding than PGP, especially if they come with vast increases in usability.
iMessage, I think, is what most people need in their everyday life. It's end-to-end encrypted, and although it has a central key-server, it is backed by Apple, which has publicly announced their commitment to user privacy. Yes, a central key-server means that you can't verify the fingerprints Apple gives you, but again, that's not what iMessage's encryption was designed for. If you need that level of certainty, use Signal.
We live in the information era, information nowadays is the ultimate power. Democracy depends on the balance of power between the people and the government. If the government has all the data, it has all the power.
> While our results are disheartening, we also discuss several ways that participant experiences and responses indicate how PGP could be improved.
Have you approached the developers of both Mailvelope and Gmail to discuss these improvements? How did they respond? Also, have you participated in usability discussion with the OpenPGP developer community at large? Any insights?
I ask because it seems like everyone who isn't very active in the OpenPGP developer community thinks that usability is a high priority. But, in my experience, when you start to bring up the topic of user-friendliness in the mailing lists, you get resistance or apathy. It seems like this is a problem of culture and incentives. How can those issues be addressed?
Yes, we probably would have gotten better usability scores if we developed our own PGP client with a better UX and tutorials. We selected Mailvelope because it was rated highly on the EFF's secure messaging scorecard [1] and we were exploring how the state-of-the-art in PGP software actually performed with end users.
It's worth mentioning, the original paper [0] recently won the USENIX Security 2015 Test of Time Award [1], which highlights papers at least 10 years old, that have made a lasting impact on their field.
i'm not entirely sure this is worthy of a paper... its pretty much a common sense conclusion to reach if you've ever tried to use these things that the UX is usually terrible - even by the standards of a technical user.
too many manual efforts need to be made, even after setting up software that is purely designed to make this sort of thing easier.
mailvelope is a good example though - i've tried using it, but its not very clear what to do with it, and even once you get to the point of having the button appear in your gmail or whatever you have to then go and do even more things before you can actually send something that is encrypted. optimising this workflow should be trivial... a lot of this stuff can be done for you, e.g. by automatically enabling for common webmail sites, automatically generating some keys for you etc.
I think we should start with an EXTREMELY simple app that does not attempt to do any fancy e-mail client integration, but is aimed at making it possible for non-nerds to send one-off secure mails and files in a way that is at least SLIGHTLY fun.
Keybase, GPGTools, and all of these things have different features and menus and all kinds of stuff which makes them EXTREMELY intimidating.
My mom is a teacher of computers, she is an expert at Excel and basic Windows things and Twitter and mail and she's even somewhat into Bitcoin, but crypto makes her instantly freeze into "oh my god what is happening I am terrified and confused" mode.
Today she needed to send some encrypted JPGs to verify her identity for some Bitcoin wallet thing. The support asked her to please encrypt her stuff with our public key.
When she opened that public key it came up in Notepad++ as a huge intimidating block of random characters. That was probably enough to put her in a bad mood. After that she wasn't very receptive and I guarantee that every single guide or tutorial or program would be WAY too nerdy, boring, and complicated for her to follow step one.
Anyway I just did it for her on my Mac and I explained my thoughts as I did it and she said "see I understand the concepts but it's just too much stuff to know about to actually do it myself."
I said "yeah, that's what Snowden keeps saying, these things are just too difficult for normal people. Even Glenn Greenwald, that journalist you know, apparently he sucks at computers and it took him months to even install the crypto app."
So I wish I could have said "just go to crypto.express" (random made up available memorable domain) and follow the easy steps and you can encrypt your zip file pretty easily with just drag and drop and it's totally made for newbies but still Snowden-level secure.
I don't really think people in general relate to the paranoid wish to encrypt all your mail. They probably think more in terms of specific secrets that they care about protecting. So you could get them started on use cases like sending passport photos, passwords, codes, credit card numbers, or dick pics or whatever it may be.
Once they have some tiny bit of successful experience with using private/public keys that one time, and it wasn't super impossible like they thought, they might be more open to learning more sophisticated ways of using crypto, such as automatically encrypting and signing mail.
I created an account there and never used it ever again, same for most people I know. Even the rock stars featured there don't seem to be using it. Also, in what world is a cli tool with a git-like interface "pretty easy" outside of the tiny world of computer programmers?
I have a keybase account that I used it the other day to have a few secrets sent to me from various sources. I have to say, even as a complete geek, I wasn't that thrilled with the experience.
I have a new machine so I had to go through the setup process. First I had to install node/npm, and then their stuff, and then some other PGP apps. The whole thing felt really clumsy.
I'm a bit of encryption novice, but for what I get, it feels like the openssl tools on my mac should be able to do everything without having to jump through all the hoops.
Then there's the user experience on the other side. I had to send people to the keybase page to get them to generate the message and then email / send that to me. That's annoying and probably verges on terrifying for non-geeks.
Afterwards I thought to myself, why can't I sent up an html / js page with my public key in? It would have a single box called "Send something to me" and it could do the encryption client side and then fire me an email, or stick it in firebase, or whatever.
I know this doesn't solve all of the issues (trust etc) but when I'm just trying to give customers a way of getting me a password or something without them sending it via email it goes a long way and removes a lot of the friction.
If someone could use your public SSH from say Github and send you a private message that would be great. From my understanding that is not possible. You need to generate and exchange PGP keys before, a major UX issue. Allow SSH public keys to be used and we'll be a lot closer to fixing the secure email issue.
Also Facebook (which has an official onion site to help if your internet connection is suspect) has GPG as a standard part of all user profiles. This would be a much more normal person directory than GitHub or MIT ( yes someone on HN suggested MIT as a mainstream PGP directory)
That's pretty much what https://keybase.io does, in a roundabout way. It links your public identity across many social networks to a PGP key, so you could say "let me talk to kstrauser on GitHub" (or on Hacker News!) and it would map that back to my public key.
It's unrealistic to expect naive subjects to learn how to use GnuPG in an hour. It takes longer than that to learn a new game! People need at least to know what public-key cryptography is before trying to use it. But unfortunately, the Wikipedia entry is rather intimidating.[0] The GnuPG FAQ (at 7.1) is clearer, but not so easy to find.[1]
Maybe you should try Jumble (www.jumble.io) for email encryption - works with Gmail, iOS and MS Outlook.
Jumble manage key pairs for users and encrypt the private key with the users password so they don't have access, this ultimately simplifies the whole process for the end user and frees them from the key management aspect which is the major pain-point with PGP-based solutions.
Also, it integrates on top of existing emails clients so no need to change your email address or how you interact with emails.
At this point the only way for PGP or really any user-based encryption to get widespread use, gmail, yahoo and microsoft need to adopt it and integrate it into their webmail client, possibly as a semi-mandatory feature that's opt-out instead of opt-in.
Anything less will fail as no one is interested in getting a new email address.
Anecdotally, I've tried three of four times to learn how to use PGP and integrate it into my workflow and failed each time, so it definitely needs work (at least if they want me on board :))
[+] [-] Decade|10 years ago|reply
The whole design of PGP is to be the envelope to make email private, versus the plaintext postcard that everybody can read. It works with existing servers and existing mail clients.
The biggest Snowden revelation is the importance of metadata. Just knowing whom you talk to, when, is frequently enough to compromise the parties involved. You might be doing something legal now, but you can’t tell when some despot takes over and makes your activity illegal. When data can potentially last your lifetime, you need to consider this sort of thing. Illustration: Using Metadata to find Paul Revere. [1]
So, we need a new mail transmission protocol that limits the amount of metadata that can be seen. Something like Dark Mail [2]. I don’t think Open Whisper Signal hides the metadata.
The problem is that Dark Mail needs to be developed and its security reviewed, and people need to adopt it. It needs new servers and clients, and the prevalence of Windows shows just how difficult that problem is. Also, any new messaging program these days needs a story about web and mobile.
In practice, I heard someone say that the biggest improvement in people’s privacy has been use of Gmail. The clients connect to it with SSL certificates controlled by Google; Google promotes 2-factor authentication and access tokens; and Google’s legal team challenges subpoenas. As long as you are not leaking national security secrets, I think this is adequate until a better system is deployed.
[1] http://kieranhealy.org/blog/archives/2013/06/09/using-metada...
[2] https://darkmail.info
[+] [-] acqq|10 years ago|reply
In practice, until Snowden happened, NSA was able to access all the Google's internal data as Google replicated in plaintext its whole datacenters through the links snooped by the NSA or the GCHQ.
http://www.slate.com/blogs/future_tense/2013/10/30/nsa_smile...
[+] [-] baudehlo|10 years ago|reply
Calls for whole new protocols for email are usually made by people who don't understand the email ecosystem as it currently stands.
[+] [-] squidlogic|10 years ago|reply
If you build a "perfectly secure" piece of software, but it takes a very high level of skill to use it, your users will use something else that is easier to use, but less secure. And then how has your ideologically perfect piece of software helped improve their security?
If you make tradeoffs for usability, you will raise the bar because people will actually use what you make.
[+] [-] greggarious|10 years ago|reply
Basically, you're more anonymous the more people use Tor, so increasing Tor's usability increases it's security.
[+] [-] bsdetector|10 years ago|reply
Another thing is key generation. Encryption people demand perfect randomness for the key generation, and that means the key is this crucial piece of data that must be perfectly protected and copied about. That's unusable for most people. Instead, pick the key from 1 billion derived from a user's password. If they use a different computer, or reinstall their OS, or whatever reason then the software just takes a while to try each billion until it finds the one that works.
Or encrypted email. For perfect security you need a safe way to exchange keys beforehand and all kinds of trouble. No. Just have software attach your public key in unencrypted email to recipients. If you receive an email with somebody else's public key then the software starts encrypting to them using it. It's insecure in so many ways, but it would mean the majority of email being encrypted and if done right with almost no impact to the user (password-derived keys, password change automatically sending yourself a new-key-encrypted email with the old key, etc).
Security people need to stop seeing things in black and white. Something can be insecure and "broken", yet still raise the overall level security.
[+] [-] bluegate010|10 years ago|reply
[+] [-] x5n1|10 years ago|reply
[+] [-] jordanpg|10 years ago|reply
1. Abstraction. For the non-expert, the only metaphor that works for PKI is that of physical security. The concept of a "key" as a series of characters or a file that must be protected must be replaced by an abstraction that allows users to protect it in the same way they understand how to protect a key or a wallet.
So long as the "key" continues to appear to be an enormous password, people will continue to treat it that way, along with all the crazy worst-practices in the world. Not to mention the huge host of problems that accompanies key security for the layman.
I don't know what the answer is, but I do think that a physical token of some sort is the right start.
2. At the end of the day, the vast majority of people are not interested in the trade off between better security and convenience.
There is a learning curve, however shallow it can be made, and those that genuinely want or need better security are motivated enough to do the learning. For everyone else, it's like optional homework.
I would add to this that most everyone I know who cares about security is quite comfortable with a large array of APIs and software to do all sorts of cryptographic gymnastics. The bar is quite low already -- it has been for some time, IMO.
[+] [-] qqueue|10 years ago|reply
http://randomwalker.info/teaching/spring-2014-privacy-techno...
>We present the user with four items, a key, lock, seal and imprint. The key and lock serve the purposes of encryption: Alice distributes her locks as widely as possible so that others can send her messages that only she can open with her key. Similarly, the seal and imprint handle signing: Alice passes out copies of her imprint so others can verify her as the sender of messages she has stamped with her seal. Collected together, we refer to these four items as a toolkit this abstraction handles the contingency where a user loses her key but not her seal: we insist that the toolkit represents an indivisible unit that must be replaced whenever any element is lost.
[+] [-] pwg|10 years ago|reply
Do you mean something like the Yubikey USB dongle: https://www.yubico.com/products/yubikey-hardware/
[not associated, just referencing a 'physical' item that can be treated as a 'key' by non-experts]
[+] [-] rogeryu|10 years ago|reply
[+] [-] jakejake|10 years ago|reply
When I explain it to people I tell them that their public key is like an unlocked lockbox that you give people into which they can put a private message. They can close the box to lock it, but once they shut the box only you have the key to open it.
It's not a great analogy but it seems to me that the public key does not make sense as a "key" to the average person.
[+] [-] patrickaljord|10 years ago|reply
[+] [-] iak8god|10 years ago|reply
[+] [-] makmanalp|10 years ago|reply
A recent example: Textsecure / Signal has been very, very smooth for me and I doubt it'd be much more difficult for laypeople either: https://whispersystems.org/
[+] [-] Perceptes|10 years ago|reply
Also, in terms of adoption, it's still hard when everyone has phones that use iMessage or SMS by default. iMessage is end-to-end encrypted, but not compatible with Signal, and Android has no equivalent baked in. Using Signal requires two extra steps for the user 1) downloading/installing Signal 2) knowing about it and caring enough to use it in the first place.
[+] [-] bburshteyn|10 years ago|reply
[+] [-] lordofmoria|10 years ago|reply
Here's the problem: not everyone needs the stringent encryption guarantees that Snowden needed. There is value in crypto systems that are less demanding than PGP, especially if they come with vast increases in usability.
iMessage, I think, is what most people need in their everyday life. It's end-to-end encrypted, and although it has a central key-server, it is backed by Apple, which has publicly announced their commitment to user privacy. Yes, a central key-server means that you can't verify the fingerprints Apple gives you, but again, that's not what iMessage's encryption was designed for. If you need that level of certainty, use Signal.
[+] [-] anon1mous|10 years ago|reply
We live in the information era, information nowadays is the ultimate power. Democracy depends on the balance of power between the people and the government. If the government has all the data, it has all the power.
[+] [-] fukusa|10 years ago|reply
[+] [-] bluegate010|10 years ago|reply
[+] [-] diafygi|10 years ago|reply
Have you approached the developers of both Mailvelope and Gmail to discuss these improvements? How did they respond? Also, have you participated in usability discussion with the OpenPGP developer community at large? Any insights?
I ask because it seems like everyone who isn't very active in the OpenPGP developer community thinks that usability is a high priority. But, in my experience, when you start to bring up the topic of user-friendliness in the mailing lists, you get resistance or apathy. It seems like this is a problem of culture and incentives. How can those issues be addressed?
[+] [-] bhickey|10 years ago|reply
[+] [-] pen2l|10 years ago|reply
[+] [-] snassar|10 years ago|reply
[+] [-] bluegate010|10 years ago|reply
[1] https://www.eff.org/secure-messaging-scorecard
[+] [-] jnpatel|10 years ago|reply
[0]: http://www.gaudior.net/alma/johnny.pdf
[1]: https://www.usenix.org/conferences/test-of-time-awards
[+] [-] iza|10 years ago|reply
[+] [-] dguido|10 years ago|reply
[+] [-] jheriko|10 years ago|reply
too many manual efforts need to be made, even after setting up software that is purely designed to make this sort of thing easier.
mailvelope is a good example though - i've tried using it, but its not very clear what to do with it, and even once you get to the point of having the button appear in your gmail or whatever you have to then go and do even more things before you can actually send something that is encrypted. optimising this workflow should be trivial... a lot of this stuff can be done for you, e.g. by automatically enabling for common webmail sites, automatically generating some keys for you etc.
[+] [-] mbrock|10 years ago|reply
Keybase, GPGTools, and all of these things have different features and menus and all kinds of stuff which makes them EXTREMELY intimidating.
My mom is a teacher of computers, she is an expert at Excel and basic Windows things and Twitter and mail and she's even somewhat into Bitcoin, but crypto makes her instantly freeze into "oh my god what is happening I am terrified and confused" mode.
Today she needed to send some encrypted JPGs to verify her identity for some Bitcoin wallet thing. The support asked her to please encrypt her stuff with our public key.
When she opened that public key it came up in Notepad++ as a huge intimidating block of random characters. That was probably enough to put her in a bad mood. After that she wasn't very receptive and I guarantee that every single guide or tutorial or program would be WAY too nerdy, boring, and complicated for her to follow step one.
Anyway I just did it for her on my Mac and I explained my thoughts as I did it and she said "see I understand the concepts but it's just too much stuff to know about to actually do it myself."
I said "yeah, that's what Snowden keeps saying, these things are just too difficult for normal people. Even Glenn Greenwald, that journalist you know, apparently he sucks at computers and it took him months to even install the crypto app."
So I wish I could have said "just go to crypto.express" (random made up available memorable domain) and follow the easy steps and you can encrypt your zip file pretty easily with just drag and drop and it's totally made for newbies but still Snowden-level secure.
I don't really think people in general relate to the paranoid wish to encrypt all your mail. They probably think more in terms of specific secrets that they care about protecting. So you could get them started on use cases like sending passport photos, passwords, codes, credit card numbers, or dick pics or whatever it may be.
Once they have some tiny bit of successful experience with using private/public keys that one time, and it wasn't super impossible like they thought, they might be more open to learning more sophisticated ways of using crypto, such as automatically encrypting and signing mail.
[+] [-] lisper|10 years ago|reply
https://github.com/Spark-Innovations/SC4
[+] [-] longlivegnu|10 years ago|reply
[+] [-] patrickaljord|10 years ago|reply
[+] [-] aidos|10 years ago|reply
I have a new machine so I had to go through the setup process. First I had to install node/npm, and then their stuff, and then some other PGP apps. The whole thing felt really clumsy.
I'm a bit of encryption novice, but for what I get, it feels like the openssl tools on my mac should be able to do everything without having to jump through all the hoops.
Then there's the user experience on the other side. I had to send people to the keybase page to get them to generate the message and then email / send that to me. That's annoying and probably verges on terrifying for non-geeks.
Afterwards I thought to myself, why can't I sent up an html / js page with my public key in? It would have a single box called "Send something to me" and it could do the encryption client side and then fire me an email, or stick it in firebase, or whatever.
I know this doesn't solve all of the issues (trust etc) but when I'm just trying to give customers a way of getting me a password or something without them sending it via email it goes a long way and removes a lot of the friction.
[+] [-] jmsdnns|10 years ago|reply
[+] [-] dorfsmay|10 years ago|reply
[+] [-] mikeytown2|10 years ago|reply
[+] [-] nailer|10 years ago|reply
[+] [-] rakoo|10 years ago|reply
[+] [-] kstrauser|10 years ago|reply
[+] [-] anon1mous|10 years ago|reply
[+] [-] mirimir|10 years ago|reply
[0] https://en.wikipedia.org/wiki/Pretty_Good_Privacy
[1] https://www.gnupg.org/faq/gnupg-faq.html
[+] [-] stuaxo|10 years ago|reply
[+] [-] dredmorbius|10 years ago|reply
Other than, perhaps, signing on to a competing project to bring it down as well.
[+] [-] lmm|10 years ago|reply
[+] [-] gavkearney|10 years ago|reply
Maybe you should try Jumble (www.jumble.io) for email encryption - works with Gmail, iOS and MS Outlook.
Jumble manage key pairs for users and encrypt the private key with the users password so they don't have access, this ultimately simplifies the whole process for the end user and frees them from the key management aspect which is the major pain-point with PGP-based solutions. Also, it integrates on top of existing emails clients so no need to change your email address or how you interact with emails.
Full disclaimer: I'm a co-founder of Jumble
[+] [-] vxNsr|10 years ago|reply
Anything less will fail as no one is interested in getting a new email address.
Anecdotally, I've tried three of four times to learn how to use PGP and integrate it into my workflow and failed each time, so it definitely needs work (at least if they want me on board :))