When doing research on email encryption and why it's still not widely used, I've read Alma Whittens "Why Johnny Canât Encrypt: A Usability Evaluation of PGP 5.0" [1] from '99. I wonder if anyone knows of similar but more recent usability studies on encryption software?
By some time in the mid-00s, Hugh Daniel and I could no longer reliably send each other PGP-encrypted mail :-) I wouldn't use the older versions of PGP (including GPG which was compatible with them), which had the abusable bugs in variable-length-field handling that made it possible to force PGP to use really weak crypto; Hugh would only use the open-source versions, not the proprietary Windows-GUI versions from PGP Inc., and even the proprietary versions were getting less and less reliable. And stubbornness had, ummm, entirely nothing to do with either of our positions... And at some point I had a disk crash that trashed the current keyrings for which I knew the passphrases, and I haven't really tried since then. Some of the GUIs were ok, some weren't. I've gotten lazy and prefer to be able to cut and paste, but the text editors I used this morning included vi, ed, cat, and >, and I guess emacs if you count the bash line-editing commands. As far as PGP's CLI goes, it was painfully obvious that Phil was a Windows programmer, not a Unix programmer (though I suspect he had some DEC background as well). Bill Stewart, wearing my old geezer hat today.