Idiomdrottning’s homepage

Why it’s OK that PGP sucks

Don’t get me wrong; if you’re in a position to make email encryption work better, please keep up the good work.

It’s just that if you’ve heard the cool kids say “I have such-and-such super supreme secure cipher app, that’s what people should use for communication, and email shall be insecure”, I’m like… what I hear is someone saying “I’ve got locks on my house so I don’t need to wear pants in public”. It’s kind of a non-sequiteur. Of course we want secure email.

A couple of really good things have happened since the era of PGP. Remember, PGP preceded SSL and TLS (and with them HTTPS). It was released in 1991 when an email was less secure than a postcard. Everyone could read everything, and spoof as anyone.

These days, we have DKIM to fight against tampering and spoofing (this also helps against “efail” type attacks, and against mitm), and we have TSL encryption between client and server and between server and server.

PGP’s only remaining purpose, then, aside from being a redundancy in case the other encryption gets wrecked, is to protect you from your own email providers. And that’s not nothing. This might sound tinfoil, but it’s a fact that Gmail has bots that read your email and uses that to target ads. And on the smaller more indie (and less traffic) operators, it’s even more likely that an op will get a chance to sneak a li’l peak.

Again, knowing that email security sucks (for example, there’s no forward security, and there’s too much on-by-default backward compatibility with old crusty cyphers and keysizes), it’s still a good idea. There is important stuff going over email still. Signup info being the most common one. Password restores.

One of the reasons why it’s so bad, by the way, is that people love to hoard old mail so they can search it, reference it, think about it, wax nostalgic. Systems that are set up to not do that, to have everything be fleeting, messages autodeleting, ephemeral, can be a li’l better. (For people who have better memory than miss Forgetful over here, of course.) But that’s not what email is. Email is like paper mail. It should be something that arrives to you safely and unpeeped at, but then if someone breaks into your house you’re understandably toast. You don’t send nuclear secrets over paper mail. But you don’t advertise your own grocery list, either.

The decreasing social costs of PGP

It used to be suuuper awkward to ask someone to use a PGP implementation (like GnuPG) and try to walk them through it. As in, “not worth it” levels of awkward.

That’s hopefully gonna get better; if they use WKD or Autocrypt you don’t even have to bring it up. If they use K9 you can tell them to turn on Autocrypt, K9’s Autocrypt implementation is easy to use once it’s on.

And, if they don’t wanna and you don’t wanna ask them, you don’t need to lose sleep since there’s still gonna be TLS and DKIM on there. You can dig their server to see if they’ve got TLS on.

The right to repair our beloved protocol

Mail is fantastic for what it really is: a world writable folder, and one that almost everyone has. It’s a miracle that it’s gotten as good as it has, and that changes are getting widely adopted in spite of the federated nature.

Mail works so much better than irc, Matrix, Fedi, XMPP, and my number one foe, Signal.

It’s wasteful to throw everything out and try to start over when the new thing is gonna amass at least as much cruft over time if it even gets off the ground.

It’s good stewardship to care for a protocol the way mail has been cared for and repaired and improved over the years. Like an old watch lovingly repaired. It’s not disposable, it’s built to last. The install base email has is a thing of wonder.

I’ve had it to here
bein’ where specs are a small word.
Part-time thing, paper ring.
I know it’s been done
havin’ one protocol that’ll last me.
Right or wrong, weak or strong.