What could make GnuPG + Enigmail "easier"?

What could make GnuPG + Enigmail "easier"?

Anthony Papillion
There's been some discussion both on and off this list about the fact
that people don't use GnuPG (even with Enigmail) because it's 'too
hard'. I have friends that are reasonably intelligent who just can't
figure it out and, for the life of me, I just don't see why.

Don't get me wrong, GnuPG by itself can be confusing. Who wants to
compose in a text file, drop to a terminal, issue some archaic command,
open another text file, then copy and paste the results into a new
document just to be able to send an email? That's pretty rough and there's
no reason any user should have to do that in 2017. But they don't! I've
used GnuPG and Enigmail for a few years now and I only drop to a
terminal when I /want/ to do so at this point. Encryption, decryption,
signing, etc, never 'requires' it and, for the most part, the software
'just handles it'. Sure, if I add a smart card to the mix that
complicates things but most people aren't going to do that.

So I guess I'm asking "what's so hard about GnuPG/Enigmail these days
and what's stopping us from making it better"?

Anthony

_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: What could make GnuPG + Enigmail "easier"?

Jeffrey Stedfast-3
On 4/9/2017 6:24 PM, Anthony Papillion wrote:
> There's been some discussion both on and off this list about the fact
> that people don't use GnuPG (even with Enigmail) because it's 'too
> hard'. I have friends that are reasonably intelligent who just can't
> figure it out and, for the life of me, I just don't see why.

You aren't seeing why because you aren't really listening. You are
focusing on the button clicks required and thinking "but it's just a
click of a button or a checkbox in my email configuration options!"

What you *aren't* hearing is:

1. *Why* should I care about signing my emails? The risk of other people
impersonating me by falsifying emails from me is extremely low, other than
perhaps the odd spam message here and there. And that's not *my*
problem, that's *their* problem.

2. *Why* should I care about encrypting my emails? None of my emails are
worth encrypting. Seriously, though, the risk of "hackers" or whoever
getting a hold of my emails is low and there's nothing really vital in
them anyway.

3. Sure, clicking a button or checkbox might be easy, but what about the
added hassle of managing my PGP keys? Now I have to upload them to a
server so other people can get them? Ugh. I also have to copy them back
and forth between the different computers that I use? More work. And I
gotta keep my keys safe, as well? Jeez.

4. Just because I have a PGP key and sign my emails, it doesn't mean
other people can automatically trust that they are from me. First they
have to verify that the key id/fingerprint matches the key that I
created. This means that for all practical purposes, unless I'm going to
get involved in a *community* of PGP users that all sign each other's
keys, it's worthless.


For the average email user, signing their emails has little-to-no added
value.

In general, they either know the person personally in which case they
probably have a good idea whether or not an email is actually from said
person or not simply based on pattern recognition of their writing style
and/or topics being discussed. They can also verify emails by talking to
the other person face-to-face or over the phone, skype, etc - for
*important* emails, this often happens anyway.

In other words, the people you are trying to convince to use PGP with
Enigmail are saying "it's too hard" because that is the result of their
cost/benefit analysis. It's not that clicking buttons or a checkbox is
"too hard", it's that they don't *want to* for the minimal gain it will
get them.

Hope that helps,

Jeff

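Added example, not from any post in this thread and not code from the GnuPG or Enigmail projects: the terminal round trip Anthony describes (compose, sign, encrypt, decrypt, verify) together with the key exchange and fingerprint check behind Jeff's points 3 and 4, run as a POSIX shell script between two throwaway keyrings. It assumes GnuPG 2.1 or later is on PATH; the names, addresses and message are made up, and the keys are generated without a passphrase only so the script runs unattended.

```shell
#!/bin/sh
# Added example (not from the thread or from GnuPG/Enigmail). Two throwaway
# keyrings play sender (Alice) and recipient (Bob); GnuPG 2.1+ assumed on PATH.
set -eu

WORK=$(mktemp -d)
ALICE="$WORK/alice"   # sender's keyring
BOB="$WORK/bob"       # recipient's keyring
mkdir -m 700 "$ALICE" "$BOB"

cleanup() {
  for h in "$ALICE" "$BOB"; do GNUPGHOME="$h" gpgconf --kill gpg-agent 2>/dev/null || true; done
  rm -rf "$WORK"
}
trap cleanup EXIT

# --quick-lsign-key only exists in GnuPG 2.1+, so its presence is the version check.
have_gnupg21() { gpg --dump-options 2>/dev/null | grep -q '^--quick-lsign-key$'; }

# Unattended key generation. %no-protection skips the passphrase so no pinentry
# appears; a real key gets one.
gen_key() {  # $1 keyring, $2 name, $3 email
  GNUPGHOME="$1" gpg --batch --quiet --gen-key 2>/dev/null <<EOF
%no-protection
Key-Type: default
Subkey-Type: default
Name-Real: $2
Name-Email: $3
Expire-Date: 0
%commit
EOF
}

# Primary-key fingerprint (40 hex digits) for a user id, as seen from one keyring.
fpr_of() {  # $1 keyring, $2 user id
  GNUPGHOME="$1" gpg --batch --with-colons --fingerprint "$2" 2>/dev/null \
    | awk -F: '$1 == "fpr" { print $10; exit }'
}

# Jeff's point 3: publish your public key, fetch the other side's. An armored
# export piped into the other keyring stands in for a keyserver round trip.
exchange_pubkey() {  # $1 from keyring, $2 to keyring, $3 user id
  GNUPGHOME="$1" gpg --batch --armor --export "$3" 2>/dev/null \
    | GNUPGHOME="$2" gpg --batch --quiet --import 2>/dev/null
}

# Jeff's point 4: an imported key means nothing until its fingerprint matches one
# obtained out of band. On a match it gets a local (non-exportable) signature,
# which is what lets --batch encrypt to it; on a mismatch it is refused.
verify_and_lsign() {  # $1 keyring, $2 user id, $3 fingerprint from the out-of-band channel
  actual=$(fpr_of "$1" "$2")
  if [ "$actual" != "$3" ]; then
    echo "fingerprint mismatch for $2: keyring has $actual, expected $3" >&2
    return 1
  fi
  GNUPGHOME="$1" gpg --batch --quiet --quick-lsign-key "$3" 2>/dev/null
}

# Sign with the keyring's own key and encrypt to the recipient in one command.
sign_encrypt() {  # $1 keyring, $2 recipient, $3 plaintext, $4 ciphertext
  GNUPGHOME="$1" gpg --batch --quiet --yes --armor --sign --encrypt \
    --recipient "$2" --output "$4" "$3" 2>/dev/null
}

# Decrypt, verify, and print the primary fingerprint behind a valid signature.
# The machine-readable status lines are the reliable way to learn who signed.
decrypt_verify() {  # $1 keyring, $2 ciphertext, $3 plaintext out
  GNUPGHOME="$1" gpg --batch --quiet --yes --status-fd 1 --decrypt --output "$3" "$2" 2>/dev/null \
    | awk '$1 == "[GNUPG:]" && $2 == "VALIDSIG" { print $12; exit }'
}

demo() {
  gen_key "$ALICE" "Alice Example" alice@example.org
  gen_key "$BOB"   "Bob Example"   bob@example.org
  alice_fpr=$(fpr_of "$ALICE" alice@example.org)
  bob_fpr=$(fpr_of "$BOB" bob@example.org)
  exchange_pubkey "$ALICE" "$BOB" alice@example.org
  exchange_pubkey "$BOB" "$ALICE" bob@example.org

  # A fingerprint with one digit altered must be refused, not silently accepted.
  bad_fpr=$(printf '%s' "$bob_fpr" | sed 's/.$/X/')
  if verify_and_lsign "$ALICE" bob@example.org "$bad_fpr" 2>/dev/null; then
    echo "BUG: altered fingerprint was accepted" >&2; return 1
  fi
  # The genuine fingerprints, read over the phone or off a business card, are accepted.
  verify_and_lsign "$ALICE" bob@example.org "$bob_fpr"
  verify_and_lsign "$BOB" alice@example.org "$alice_fpr"

  printf 'Meet at the usual place, 9am.\n' > "$WORK/msg.txt"
  sign_encrypt "$ALICE" bob@example.org "$WORK/msg.txt" "$WORK/msg.asc"
  signer=$(decrypt_verify "$BOB" "$WORK/msg.asc" "$WORK/out.txt")
  [ "$signer" = "$alice_fpr" ] || { echo "signature is not Alice's" >&2; return 1; }
  cmp -s "$WORK/msg.txt" "$WORK/out.txt" || { echo "plaintext mismatch" >&2; return 1; }
  echo "ok: Bob decrypted a message validly signed by $alice_fpr"
}

if have_gnupg21; then demo; else echo "GnuPG 2.1+ not found; nothing run" >&2; fi
```

Run it with no arguments; it prints one "ok" line with the signing fingerprint and removes its keyrings on exit. The refusal on the altered fingerprint is the step no mail plugin can do for the user: the software can show the fingerprint and prompt, but the comparison against a copy obtained outside email is the user's job, and without it the "verified" signature only proves that some key signed the message.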

Re: What could make GnuPG + Enigmail "easier"?

Don Saklad
In reply to this post by Anthony Papillion
What's the first step to begin using it?...


    Anthony Papillion <[hidden email]> writes:
    > There's been some discussion both on and off this list about the
    > fact that people don't use GnuPG (even with Enigmail) because it's
    > 'too hard'. I have friends that are reasonably intelligent who
    > just can't figure it out and, for the life of me, I just don't see
    > why.
    > [...]


Re: What could make GnuPG + Enigmail "easier"?

Robert J. Hansen-3
In reply to this post by Anthony Papillion
> There's been some discussion both on and off this list about the fact
> that people don't use GnuPG (even with Enigmail) because it's 'too
> hard'. I have friends that are reasonably intelligent who just can't
> figure it out and, for the life of me, I just don't see why.

Better grab your reading glasses.  :)  Academic computer science
literature is full of papers researching this subject.  John Clizbe and
I (speaking of, John's been gone for some time; I hope he returns soon)
keep a curated list of some good ones.

=====

Gaw, S., Felten, E. W., and Fernandez-Kelly, P. 2006.  Secrecy,
flagging, and paranoia: adoption criteria in encrypted email.  In
_Proceedings of the SIGCHI Conference on Human Factors in Computing
Systems_ (Montreal, Quebec, Canada, April 22 - 27, 2006).  R. Grinter,
T. Rodden, P. Aoki, E. Cutrell, R. Jeffries, and G. Olson, Eds. CHI '06.
ACM, New York, NY, 591-600. DOI=
http://doi.acm.org/10.1145/1054972.1055069  Available at:
http://www.soe.ucsc.edu/classes/cmps223/Spring09/Gaw%2006.pdf


Garfinkel, S. L., Margrave, D., Schiller, J. I., Nordlander, E., and
Miller, R. C. 2005. How to make secure email easier to use. In
_Proceedings of the SIGCHI Conference on Human Factors in Computing
Systems_ (Portland, Oregon, USA, April 02 - 07, 2005).  CHI '05. ACM,
New York, NY, 701-710.  DOI= http://doi.acm.org/10.1145/1054972.1055069
Available at: http://simson.net/ref/2004/chi2005_smime_submitted.pdf


Steve Sheng, Levi Broderick, Colleen Alison Koranda, and Jeremy J.
Hyland.  Why Johnny Still Can’t Encrypt: Evaluating the Usability of
Email Encryption Software. Poster session, 2006 _Symposium On Usable
Privacy and Security_, Pittsburgh, PA, July 2006.
http://cups.cs.cmu.edu/soups/2006/posters/sheng-poster_abstract.pdf


Alma Whitten and J.D. Tygar. Why Johnny Can’t Encrypt: A Usability
Evaluation of PGP 5.0. In _Proceedings of the 8th USENIX Security
Symposium_, Washington, DC, August 1999. http://bit.ly/OaEeTD


Views, reactions and impact of digitally-signed mail in e-commerce.
Garfinkel, Schiller, Nordlander, Margrave and Miller.  Originally
published somewhere in _Lecture Notes in Computer Science_, but I got
mine from:
http://groups.csail.mit.edu/uid/projects/secure-email/fc_smime.pdf


Usability of Security: A Case Study. Alma Whitten and J. D. Tygar.
Carnegie Mellon University Computer Science technical report
CMU-CS-98-155, December 1998.
http://oai.dtic.mil/oai/oai?verb=getRecord&metadataPrefix=html&identifier=ADA361032


Re: What could make GnuPG + Enigmail "easier"?

Robert J. Hansen-3
In reply to this post by Jeffrey Stedfast-3
> What you *aren't* hearing is:

[good points snipped]

Shirley Gaw's 2006 paper addresses these factors dead-on.
http://www.soe.ucsc.edu/classes/cmps223/Spring09/Gaw%2006.pdf

It's worth reading.  A major additional factor Gaw found inhibiting
adoption was the fear of being seen as paranoid.  The following excerpt
talks about various employees (all under pseudonyms) at an
environmental-action NGO which participated in a variety of illegal
direct action campaigns.  You'd think these people would view paranoia
as a good thing, but the reality was quite different.

A couple of passages are _underlined_ to reflect italics in the original
text.

=====

"Many of the employees interviewed at [this NGO] had limits to their
willingness to be more secure. In fact, moving beyond that limit was
seen as abnormal or paranoid. While Woodward was especially vigilant,
even the technical support staff admitted he might be excessively
protective. Was the effort justified? Was it reasonable precaution?

Abe explained how someone could 'go overboard' when he described how a
representative of the PGP Corporation visited [the NGO]. Instead of a
typical password authentication, the representative took off his
necklace and used a removable flash drive that held his private key. The
demonstration discouraged Abe:

'It was too over-the-top and definitely too complicated... it was like a
movie.'

He saw the presenter as paranoid. He went on to say:

'Yeah, I admire him because he comes in and puts his passphrase ...
every single day, three times a day, so that's very dedicated to his
stuff. He must either be very scared or very motivated.'

He was not sure whether this vigilance was justified. In fact, he
associated it with being fearful, perhaps irrationally fearful.

Abe reiterated this when asked to speculate on why a colleague sent
every e-mail message encrypted. He figured this man has an automated
system for encrypting e-mail 'or he's nuts.'

When Sandra was asked why she said her e-mail communications were not
anything people were 'dying to get their hands on,' she explained:

'I'm not paranoid enough to think the CIA is monitoring my emails or
anything to that effect.'

Not only was encrypting messages excessive for someone who had no
secrets, it was _paranoid_ _behavior_ to assume anyone would be
interested in eavesdropping on her communications.

Jenny also thought it was abnormal to encrypt non-secret information.
When the interviewer abstractly explained that people in security
suggest all users encrypt all messages, Jenny was baffled:

'So you're saying that ... people should just--even _normal_ people?
That you're sending e-mail to ... your mom, like "hey, things are going
...", that you should encrypt your e-mail?  That people should do all
that?'

Jenny emphasizes 'normal people.' _Normal_ _people_ wouldn't encrypt
normal messages."


Re: What could make GnuPG + Enigmail "easier"?

mirimir
On 04/10/2017 01:11 AM, Robert J. Hansen wrote:
>> What you *aren't* hearing is:
>
> [good points snipped]
>
> Shirley Gaw's 2006 paper addresses these factors dead-on.
> http://www.soe.ucsc.edu/classes/cmps223/Spring09/Gaw%2006.pdf
>
> It's worth reading.  A major additional factor Gaw found inhibiting
> adoption was the fear of being seen as paranoid.

Attorneys have told me that they don't encrypt because opponents would
be sanctioned if they used intercepted information. "How would you
know?" didn't lead to a useful conversation.

<SNIP>


Re: What could make GnuPG + Enigmail "easier"?

Rainer Hoerbe
In reply to this post by Robert J. Hansen-3
I think that we could reach a better mutual understanding when we put the arguments into context.

Context A: non-technical users, such as Jenny, who encrypt mail with sensitive content, or sign a message.
Context B: IT-experts with typical use cases of SW-signature or SSH-login.

I think that many arguments on this thread make a lot of sense in their respective contexts.

- Rainer

> On 10.04.2017 at 09:11, Robert J. Hansen <[hidden email]> wrote:
>
>> What you *aren't* hearing is:
>
> [good points snipped]
>
> Shirley Gaw's 2006 paper addresses these factors dead-on.
> http://www.soe.ucsc.edu/classes/cmps223/Spring09/Gaw%2006.pdf
>
> It's worth reading.  A major additional factor Gaw found inhibiting
> adoption was the fear of being seen as paranoid.
> [...]

