Uncategorized Posts

Specifying a PGP client that your grandmother could use

PGP is a pain in the ass, and yet it’s the best option we currently have for encrypting email. A bunch of people are working on replacing both email and PGP, but in the meantime we should make PGP much easier to use. (I’ve tried before, and failed miserably, so I’ve got a bone to pick with this problem.)

There are two reasons PGP-for-common-folk is evasive:

Trends and breakthroughs

Even though I know almost nothing about it, I’m fascinated by sociology and human anthropology. Most of what I find intriguing about those fields is the study of how ideas spread. I assume ideas spread the same way now as they ever have, so if we can understand how ideas spread in the past we should be able to make more intelligent predictions about how they’re spreading now. One thing that’s become pretty clear to me is that “breakthroughs” (cultural, scientific, technological, and otherwise) have almost never happened in a vacuum. So if someone wants to be involved in a breakthrough, they either need to be part of a movement or they need to create one.

Cryptocurrencies as a transport layer; or, what’s wrong with Stellar

About two weeks ago Stripe published a blog post which articulated the promise of Bitcoin more succinctly than I’ve read anywhere else; in short, the post draws Bitcoin (or a derivative cryptocurrency) as the transport layer of a new digital economy. If you haven’t read that post yet, I encourage you to read it before reading this one—it does a good job of explaining concepts in a way that might even make sense to non-technical readers, and I will be building on those ideas in this post.

The Stripe post highlights an idea that I’ve harboured since the first time I heard about Bitcoin; basically, that its greatest value lies in its utility as a medium of exchange. Money moving around the world as freely as information does today. Transaction costs reduced to the point where it would be feasible for the New York Times to charge you ten cents for every article you want to read instead of shoving ads in your face. And consumers with the option of making international payments via their local credit union instead of the credit card and wire transfer oligopolies.

Replacing Email

There was a thread on Hacker News today about a topic that’s somewhat dear to me, and to which I’ve devoted a fair amount of thought: what will it take to get people using PGP for email?

Most of the comments in the thread echoed things I already knew: in a nutshell, PGP is both difficult to use and it doesn’t offer enough protection (specifically; that meta data including subject/to/from is not encrypted) given what we now know about government surveillance. I wrote a comment pointing to Adam Langley’s proposal for a new asynchronous messaging system, Pond, as a solution but the more I think about it the more I realize that Pond (as it currently stands) is missing some pieces, too.

The Business and Technology of Zero-Knowledge Software

In the past year and a half I’ve written a few times about an encrypted email app we built at Black Chair called Parley. Parley, at this point, is essentially dead: the service has been in “pre-beta” for about 7 months, and we haven’t made any significant changes to it in at least 5. As it stands, I consider it an impressive accomplishment for our company, but it needs quite a bit more work before being ready for prime-time and it is unlikely to see those changes without a significant cash injection. (Basically, we chose a horrible intersection of the consumer space for a bootstrapped project: email software is very difficult to get right, encryption is very difficult to get right, they are both even more difficult to get right on mobile platforms, and—even worse—general consumers are not feeling any pain due to unencrypted email. We need to target businesses, and that’s an entirely different kettle of fish.) I’m not crazy about taking on investment for this sort of project (or rather, I’m incredibly picky about who we might take on as an investor) so Parley is basically on the shelf for now.