Recently, there was something of a scare around GNU Privacy Guard (GPG), a “free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP).” An article on Propublica revealed that GPG was essentially the work of one person, who was running out of money. Just at the moment when we needed properly-implemented strong crypto most, it looked like the project was on the verge of collapse. Fortunately, that same article also succeeded in raising people’s awareness of the situation, and enough money was pledged as a result to secure the future of GNU Privacy Guard, at least for the immediate future.
Now GPG is under attack again, and from a surprising quarter. Moxie Marlinspike is the pseudonym of a well-known computer security researcher. You might expect him to be pretty supportive of what GPG is doing, and yet in a recent blog post he is anything but uplifted when he receives encrypted email using it:
When I receive a GPG encrypted email from a stranger, though, I immediately get the feeling that I don’t want to read it. Sometimes I actually contemplate creating a filter for them so that they bypass my inbox entirely, but for now I sigh, unlock my key, start reading, and — with a faint glimmer of hope – am typically disappointed.
Eventually I realized that when I receive a GPG encrypted email, it simply means that the email was written by someone who would voluntarily use GPG. I don’t mean someone who cares about privacy, because I think we all care about privacy. There just seems to be something particular about people who try GPG and conclude that it’s a realistic path to introducing private communication in their lives for casual correspondence with strangers.
Increasingly, it’s a club that I don’t want to belong to anymore.
The rest of his interesting post goes on to describe the flaws of GPG. Basically, it is extremely hard to use, not widely deployed, and has turned into impenetrable, backward-looking code — all of which are entirely reasonable criticisms. Marlinspike concludes:
GPG isn’t the thing that’s going to take us to ubiquitous end to end encryption, and if it were, it’d be kind of a shame to finally get there with 1990’s cryptography. If there’s any good news, it’s that GPG’s minimal install base means we aren’t locked in to this madness, and can start fresh with a different design philosophy. When we do, let’s use GPG as a warning for our new experiments, and remember that “innovation is saying ‘no’ to 1000 things.”
In the 1990s, I was excited about the future, and I dreamed of a world where everyone would install GPG. Now I’m still excited about the future, but I dream of a world where I can uninstall it.
Again, those are all good points. And yet for all GPG’s faults, and for all its failings, it seems somewhat ungrateful to berate it in these terms. I suspect that it has saved a good many people living in countries with oppressive and brutal regimes from arrest or worse; it has doubtless helped journalists to receive crucial information they might not otherwise have been sent, and to keep their sources safe; and it certainly made Snowden’s revelations possible — at least once Glenn Greenwald finally worked out how to install it. To say that it could have been better, or that its unintuitive approach may have prevented more people from using it misses the point, which is that in its own idiosyncratic way it was there when people really needed it, and that it did the job asked of it — and for that, we should be hugely grateful, even while hoping that something better will come along soon.