On Sun, Nov 8, 2015 at 7:45 PM, oshwm <oshwm@openmailbox.org> wrote:
On 08/11/15 08:40, Peter Gutmann wrote:
oshwm <oshwm@openmailbox.org> writes:
Can GPG be easier to use, I think so, is it too difficult to use by ordinary people - no, they're just too fucking lazy and lack motivation.
... and this is pretty much the poster child for why we have so much unusable crypto today.
Or, why we have such a fucking retarded human race with the attention span of a knat who expect everything to be given to them on a plate. People have to stop being lazy and start taking an interest and responsibility for what goes on in the world around them - your point of view re-inforces the dumbing down of the population and the increase in power of the Government and big Corps.
Even if thats all true, its still also true that nobody is using PGP. Its easier to make a slick UI than convince people to do work. Is it so much to ask that people who make software try to make life easy for their users? For all your talk of doing hard work oshwm, it looks like you only created that PGP key yesterday: $ gpg --list-packets signature.asc hashed subpkt 2 len 4 (sig created 2015-11-08) [...] And as far as I can tell it hasn't been signed by anyone. At least I think so - after 15 minutes fighting with gpg I still can't find your actual key and I ran out of care. ... Which leads me into my second point, which is that here in 2015 PGP is a terrible technical solution. It doesn't encrypt metadata (which is a non-starter these days - who you communicate with is some of the *most* valuable personal data for the NSA). It also leaks information about who signed your key. That means either: - Your key gets signed by your friends, so now your friend network public or - Emails with PGP are provably from you, in a way that can be traced back to physically witnessed government ID. ... Or both! Personally I would rather the possibility of forgery than either of those outcomes. -J