Re: "Please select what kind of key you want" ~~ suggestion to developers
On Mon, Feb 23, 2009 at 03:25:02PM -0500, Charly Avital wrote:
> Robert J. Hansen wrote the following on 2/23/09 2:52 PM:
> [...]
> > What I'm saying is, "the world first needs to learn to read."
>
> As far as I am concerned, this sentence is a most gratifying conclusion
> to this thread.

Well, I would suggest that it goes deeper than that. The world first needs to learn to *want* literacy. There is no demand for a thing, no matter its excellence, until people see why they ought to want it.

We're at a disadvantage here, compared to the benefits of reading, because successful use of crypto usually goes unnoticed. The most one can hope for is that an attacker will have more persistence than sense, and become intrusive enough to be detected by the wary before he succeeds. The smart ones will either succeed quickly and quietly, or walk away. *Are* there any success stories more compelling than, "no compromises that we know of so far"?

--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Friends don't let friends publish revisable-form documents.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: "Please select what kind of key you want" ~~ suggestion to developers
While in general I agree with what you've said in this thread Robert, I do want to present one small ray of hope.

At my last job we dealt with a great deal of "sensitive" information (usually time sensitive, i.e., it would be released eventually but needed to be "just right" first) and being the dreaded "technologist in a managerial role" I strongly advocated the use of PGP in preference to other methods of "secure" communication for the obvious reasons (availability, cost, etc.). Once the IT department signed off, I actually started sitting with my colleagues and walking them through the process of generating keys, integrating with Outlook, etc. Then the fun part, I started sending people encrypted stuff. This often required another round of walking people through the process, but eventually it became sort of accepted, and generally (although sometimes grudgingly) acknowledged as a Good Idea. When I got my first unsolicited encrypted item in the mail, I knew that progress was being made. :)

It's probably worth noting that this was a technology-friendly workplace, and before I arrived there was already a culture of acceptance for things like encrypted chat, etc. But my point is, it's not all bad news "out there."

hope this helps,
Doug
Re: "Please select what kind of key you want" ~~ suggestion to developers
Robert J. Hansen wrote:
> Required reading:

And let's add to that:

Gaw, S., Felten, E. W., and Fernandez-Kelly, P. 2006. Secrecy, flagging, and paranoia: adoption criteria in encrypted email. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (Montréal, Québec, Canada, April 22 - 27, 2006). R. Grinter, T. Rodden, P. Aoki, E. Cutrell, R. Jeffries, and G. Olson, Eds. CHI '06. ACM, New York, NY, 591-600. DOI= http://doi.acm.org/10.1145/1124772.1124862

Again, read the entire thing. Email crypto is seen as the mark of a fearful or paranoid mind. The excerpt here should give you an idea of the paper, and will hopefully inspire you to read it for yourself.

Abe worked in development. ... Because he handled financial data, Abe used encryption frequently, particularly when he received records from online donations ("I tend to try and be sure I PGP everything that has a credit card number on it"). He also communicated with an external vendor for recruitment. They used encryption to protect financial data when they synchronized their copies. Abe believed this setup was simple; he also thought some people ... needed to be more vigilant. He described how he tried to convince the head of campaigns in his home country to use encryption: "Why? Because it was just good. If the ... police ever come and bust into the office, you shouldn't have a document saying, 'hey, I'm discussing how I'm going to campaign against [a controversial issue].' It's not the kind of information you want them to have." Despite his reasoned argument, his colleagues were uncooperative: "most people see this as more work and want things simpler."

...

Many of the employees interviewed ... had limits to their willingness to be more secure. In fact, moving beyond that limit was seen as abnormal or paranoid.

...

Abe explained how someone could "go overboard" when he described how a representative of the PGP Corporation visited [the NGO]. Instead of a typical password authentication, the representative took off his necklace and used a removable flash drive that held his private key. The demonstration discouraged Abe: "It was too over-the-top and definitely too complicated. It was like a movie. ... Yeah, I admire him because he comes in and puts his passphrase every single day, three times a day, so that's very dedicated to his stuff. He must either be very scared or very motivated." He was not sure whether this vigilance was justified. In fact, he associated it with being fearful, perhaps irrationally fearful. Abe reiterated this when asked to speculate on why a colleague sent every e-mail message encrypted. He figured this man has an automated system for encrypting e-mail "or else he's nuts."

...

[big snip here, switching to a different employee, 'Jenny', who has used PGP in the past and understands its use in contexts where secrecy is essential:]

...

Jenny also thought it was abnormal to encrypt non-secret information. When the interviewer abstractly explained that people in security suggest all users encrypt all messages, Jenny was baffled: "So you're saying that ... people should just -- even _normal_ people? That ... you're sending email to ... your mom, like, 'hey, things are going [pause]'? That you should encrypt your e-mail. That people should do all that."

Jenny emphasizes "normal people." _Normal_ people wouldn't encrypt normal messages.
Re: "Please select what kind of key you want" ~~ suggestion to developers
On Mon, Feb 23, 2009 at 11:55:51AM -0500, gerry_lowry (alliston ontario canada) wrote:
> The easier it is for beginners to understand PGP/GPG technology,
> the faster its adoption into general use by the public will occur.
>
> Suggestion: add help as an option to
> gpg --gen-key
> and gpg --edit-key [ ID ] addkey
>
> Example:
>
>    Please select what kind of key you want:
>    (1) DSA and Elgamal (default)
>    (2) DSA (sign only)
>    (5) RSA (sign only)
>    (h) help on the above choices

While I more or less agree with Robert, and would note that the GPG built-in help is more intended as a reminder for those who already have some understanding of the concepts (you're not going to learn to code in C from the man pages), try typing a '?' here.

David
Re: "Please select what kind of key you want" ~~ suggestion to developers
Required reading:

Garfinkel, S. L., Margrave, D., Schiller, J. I., Nordlander, E., and Miller, R. C. 2005. How to make secure email easier to use. In _Proceedings of the SIGCHI Conference on Human Factors in Computing Systems_ (Portland, Oregon, USA, April 02 - 07, 2005). CHI '05. ACM, New York, NY, 701-710. DOI= http://doi.acm.org/10.1145/1054972.1055069

Some results from this paper were presented at FC2005, but it is not the survey I mentioned in my previous message. That said, the results are substantially similar. The following is excerpted from the paper. If possible, though, I highly recommend you read the entire paper; it's an excellent overview of why secure email has failed to take off.

Our survey consisted of 40 questions on 5 web pages. Respondents were recruited through a set of notices placed by Amazon's employees in the Amazon Seller's Forum. Participation was voluntary and all respondents were anonymous.

...

A total of 1083 respondents [participated], with 417 of those respondents completing all five pages.

...

Average age of our respondents was 41.5. Respondents were highly educated, with more than half claiming an advanced or college degree. Most described themselves as "very sophisticated" (18.0%) or "comfortable" (63.7%) using computers and the Internet. Roughly half the correspondents had obtained their first email account in the 1990s. The majority of respondents (94.4%) used computers running Microsoft Windows for email. The two other leading platforms were Apple Macintosh (8.5%) and some kind of mobile computing device such as a cell phone (5.8%).

...

A majority (54%) of respondents understood the difference between digital signatures and sealing with encryption; that prior receipt of digitally signed mail significantly increased understanding of that difference; and that having previously received digitally signed email from Amazon increased respondents' overall trust in email.

...

The majority (59%) didn't know [if their email client supported encryption], while another 9% chose the answer, "what's encryption?"

...

Respondents with S/MIME-capable mail readers were more than twice as likely to know that their programs were capable of encryption, and half as likely to select the answer "What's encryption?" Nevertheless, the majority of [S/MIME-enabled] correspondents (54%) did not know the cryptographic capabilities of the software they were using. Almost half of our respondents (44.9%) indicated that they would be willing to upgrade their client in order to "get more protection" for their email...

...

Although roughly half of our respondents indicated that they didn't use cryptography because they didn't know how, the free-response answers from the more knowledgeable respondents indicated that they either didn't think that encryption was necessary or else that the effort, if made, would be wasted.

* "I don't because I don't care."
* "I doubt any of my usual recipients would understand the significance of the signature."
* "Never had the need to send these kinds of emails."
* "I don't think it's necessary to encrypt my email & frankly it's just another step & something else I don't have time for!"
Re: "Please select what kind of key you want" ~~ suggestion to developers
Robert, excellent points. I shall return to my thinking board.

Amazing that, in today's world, with events like the infamous 9/11, identity theft, debit and credit card fraud, a plethora of Bernhard Madoffs making Carlo Ponzi sit up in his grave and take notice, and jobs going down the toilet daily, it surprises me that there is so little paranoia.

I'm willing to share my paranoia. I've got enough for everybody. Perhaps it can be made into a vaccine. B-)

I appreciate your always interesting, knowledgeable, and thoughtful ideas.

Regards,
Gerry
Re: "Please select what kind of key you want" ~~ suggestion to developers
> Robert, yes, literacy is important, too. Your counter proposition also has validity.

You missed the point. Refer to my last three sentences.

The world doesn't need another "easy to use GnuPG interface." You're essentially saying, "what the world needs is a really good book!" What I'm saying is, "the world first needs to learn to read."

With respect to claims of experience, I don't put any stock in them, really. Or, as Rodney Whitaker wrote, "do not fall into the error of the artisan who boasts of twenty years experience in his craft while in fact he has only one year of experience -- twenty times."

As near as I can see, the principal problems are:

1. Gross ignorance
2. Fear of social disapproval

With respect to #1... one of the most prestigious crypto conferences out there is called Financial Cryptography. A few years ago some enterprising grad students asked each FC attendee to fill out a very short questionnaire as part of their sign-in process. The results were astonishing: 60% of FC attendees did not know if their email client supported crypto, period -- even fewer knew if it supported OpenPGP or S/MIME. Only 50% were interested in switching to email clients with better crypto support.

If only 40% of FC attendees know if their email client supports crypto, and only 50% care enough about crypto to consider changing their email clients, do you really think the general public will jump on board OpenPGP just if we create a snazzy interface with a lot of chrome? That's delusional.

With respect to #2... Ed Felten has a really good sociological paper out on the intersection of computer security and the workplace. He and some of his grad students interviewed people at a politically active nongovernmental organization (NGO) with an awful lot of enemies. Many (most) of the employees had been trained with PGP and found it reasonably easy to use. Despite that, they still didn't use it for email. Felten and his grad students wanted to find out why.

It turns out that social disapproval played a very heavy role. There were a couple of people in the NGO who were privacy enthusiasts and active PGP users, and they were considered "paranoids" by the other workers in the office. Employees said things to the effect of "yeah, I know email is dangerous, but I don't want to turn into, you know, one of _those_ guys."

... the general public does not know what email crypto is, does not want to know what email crypto is, does not want to care about email crypto. They just want to send email.

Making GnuPG "easier to use" is a fine goal and worth pursuing in its own right, but it's not going to substantially improve GnuPG's adoption in the world.

Saying "the world needs a good book, that's why book sales are down!" may be a true statement, and may be worth pursuing in its own right. However, the real problem is "first we need to learn to read."

"GnuPG needs a good interface, that'll improve its usage numbers!" may be a true statement, and may be worth pursuing in its own right. (In fact, I think it is.) But the real problem is that people don't know, don't want to know, and to the extent they do know they really don't care.
Re: "Please select what kind of key you want" ~~ suggestion to developers
Robert J. Hansen wrote the following on 2/23/09 2:52 PM:
[...]
> What I'm saying is, "the world first needs to learn to read."

As far as I am concerned, this sentence is a most gratifying conclusion to this thread. I am not suggesting to close the thread, on the contrary, keep them coming.

Charly
Re: "Please select what kind of key you want" ~~ suggestion to developers
Robert, yes, literacy is important, too. Your counter proposition also has validity.

I point out, however, that by the time one is looking at

    Please select what kind of key you want:
    (1) DSA and Elgamal (default)
    (2) DSA (sign only)
    (5) RSA (sign only)
    (h) help on the above choices

she/he has likely already proceeded far enough along to have achieved some degree of literacy. Having reached that point, with regards to understanding PGP/GPG technology, she/he may still be a novice.

Of course, had Michael W. Lucas been a bit clearer in his book, the "(h) help on the above choices" might not have been of benefit to myself. OTOH, it would nevertheless benefit many of those beginners who might not be aware of MWL's book and who might not have access to anything else written for novices.

One problem is that many writers write for an audience that has already achieved domain erudition. Fortunately, for the rest of us, there are authors of "__ for Dummies", et cetera. (where __ represents some subject of interest to the reader).

So, Robert, I restate my proposition as

    The easier it is for informed, literate beginners to understand the need for PGP/GPG technology, and the easier it is for them to become aware of the existence of PGP/GPG technology, the faster the adoption of PGP/GPG technology into broad general use by the public will likely occur.

Regards,
Gerry

P.S.: I finished high school in 1965 and went straight into working. In 1967, I became a programmer. Long before "user friendliness" was a broadly known and often abused concept, I was writing software that truly qualified as "user friendly".
Re: "Please select what kind of key you want" ~~ suggestion to developers
> The easier it is for beginners to understand PGP/GPG technology,
> the faster its adoption into general use by the public will occur.

There's a discipline in computer science called human-computer interaction (HCI). I took two courses in this in grad school: not enough to make me an expert, but definitely enough to open my eyes. One of the things my instructor, Juan-Pablo Hourcade, drilled into us is that we genuinely don't know what will speed adoption of new technologies. All we know is what successful technologies look like.

Imagine there's a new hotness in IT. (IT: Information Technology.) This new hotness has the potential to change the world in ways that can barely even be explained to people who don't already have the technology. Everyone you meet who has this new technology -- let's call it "flerbage" -- they've got this magical ability to /know things/. Know things they can't possibly know, that they couldn't possibly have learned. Flerbage is where it's /at/.

The only problem is that flerbage is ridiculously user-unfriendly. Most people who use flerbage, this smoking-hot new thing in IT, say it took them between ten and fifteen years to really learn it. The learning curve looks like the freaking Matterhorn. Also, flerbage can't be made "easy for beginners to understand." You want flerbage, you're looking at a decade or more of serious, concentrated study.

Sure, it's cool, but ... is it worth it? Would you say flerbage was a successful technology? Do you think flerbage will ever catch on?

Flerbage is real, by the by. You're using it right now, this very instant. Scroll down and I'll tell you what it is.

Literacy.

Literacy is the original information technology. People who are literate have an enormous advantage over those who aren't. Wherever you look today you see signs, posters, advertisements, menus, whiteboards, warnings, labels and every other thing imaginable that's written down. Literacy gets taken for granted by almost everyone -- despite the fact that it takes most of your childhood and teenage years to get good at it.

So no, I don't agree with your proposition. OpenPGP doesn't need to get easy for beginners to use. If it was that simple, we'd be there already. What needs to happen is the populace needs to understand the risks of electronic communication, and needs to become committed to doing something about it. If you can achieve that, then you will have done something great for humanity. But the world doesn't need another "easy to use GnuPG interface." You're essentially saying, "what the world needs is a really good book!" What I'm saying is, "the world first needs to learn to read."
"Please select what kind of key you want" ~~ suggestion to developers
The easier it is for beginners to understand PGP/GPG technology, the faster its adoption into general use by the public will occur.

Suggestion: add help as an option to

    gpg --gen-key

and

    gpg --edit-key [ ID ] addkey

Example:

    Please select what kind of key you want:
    (1) DSA and Elgamal (default)
    (2) DSA (sign only)
    (5) RSA (sign only)
    (h) help on the above choices

Sample help:

    Choice/Description
    If you choose a sign only key, you may also need to
    (1) DSA and Elgamal (default)
        Phasellus interdum nunc eget libero. In ante dui, ...
    (2) DSA (sign only)
        Vivamus ut libero eget tortor lobortis ...
    (5) RSA (sign only)
        Aliquam sit amet risus auctor felis ...

Real and useful text should replace the random lorem ipsum* used in the above example. B-)

Additionally, build more help/guidance text into PGP/GPG technology. Users are more likely to implement technologies that they understand once they have achieved a level of comfort with those technologies.

Regards,
Gerry (Lowry)

* source: http://www.lipsum.com/.
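An added worked example (an editor's addition, not code from the thread or from GnuPG): the three menu entries quoted in this thread correspond to concrete parameters in GnuPG's unattended key generation, and writing them out shows what "(sign only)" actually withholds, namely the encryption subkey that lets other people encrypt to you. The parameter names used (Key-Type, Key-Length, Key-Usage, Subkey-Type, Subkey-Length, Subkey-Usage, Name-Real, Name-Email, Expire-Date, %commit, %no-protection) are the ones documented in the GnuPG manual under "Unattended key generation"; the function names, the identity and the key sizes are placeholders chosen for this example. Two caveats: the 1024-bit DSA that gpg 1.4 offered as its default in 2009 is no longer considered adequate, and current gpg no longer defaults to DSA/Elgamal, so this script is about reading the old menu, not a recommendation to generate DSA keys.

```shell
#!/bin/sh
# Added example, not part of the thread or of GnuPG: emit the unattended
# key-generation parameter file (gpg --batch --gen-key) equivalent to
# each entry of the "Please select what kind of key you want" menu.
# Parameter names follow the GnuPG manual, "Unattended key generation";
# the identity and key sizes below are placeholders.

# gen_key_params CHOICE NAME EMAIL [BITS]
# Prints the parameter file for menu choice 1, 2 or 5 on stdout.
gen_key_params() {
    choice=$1
    name=$2
    email=$3
    bits=${4:-2048}   # 2009's 1024-bit DSA default is no longer adequate
    case "$choice" in
        1)  # DSA and Elgamal: a DSA primary key that can only sign, plus
            # an Elgamal subkey so that other people can encrypt to you
            printf 'Key-Type: DSA\nKey-Length: %s\nKey-Usage: sign\n' "$bits"
            printf 'Subkey-Type: ELG-E\nSubkey-Length: %s\nSubkey-Usage: encrypt\n' "$bits"
            ;;
        2)  # DSA (sign only): no encryption subkey at all, so mail can be
            # signed with this key but nobody can encrypt to it
            printf 'Key-Type: DSA\nKey-Length: %s\nKey-Usage: sign\n' "$bits"
            ;;
        5)  # RSA (sign only): the same restriction, RSA instead of DSA
            printf 'Key-Type: RSA\nKey-Length: %s\nKey-Usage: sign\n' "$bits"
            ;;
        *)  printf 'unknown menu choice: %s\n' "$choice" >&2
            return 1
            ;;
    esac
    printf 'Name-Real: %s\nName-Email: %s\nExpire-Date: 1y\n' "$name" "$email"
    printf '%%commit\n'
}

# gen_key CHOICE NAME EMAIL [BITS]
# Generates the key in a throw-away GNUPGHOME if gpg is installed, then
# lists it so the algorithms and usage flags can be compared with the
# menu entry. %no-protection (gpg 2.1+) skips the passphrase prompt,
# which is fine for a demonstration and wrong for a key you intend to keep.
gen_key() {
    if ! command -v gpg >/dev/null 2>&1; then
        echo "gpg not installed; printing the parameter file only:" >&2
        gen_key_params "$@"
        return 0
    fi
    home=$(mktemp -d) || return 1
    chmod 700 "$home"
    { printf '%%no-protection\n'; gen_key_params "$@"; } > "$home/params" || return 1
    gpg --homedir "$home" --batch --gen-key "$home/params" &&
        gpg --homedir "$home" --list-keys --with-colons
    rc=$?
    rm -rf "$home"
    return $rc
}

# Usage, one call per menu choice, with the placeholder identity:
# gen_key 1 "Alice Example" alice@example.org
# gen_key 2 "Alice Example" alice@example.org
# gen_key 5 "Alice Example" alice@example.org 3072
```

Run it with `sh`; `gen_key` only invokes gpg when it is on PATH and otherwise prints the parameter file, and `gen_key_params` returns non-zero for a choice the menu does not offer. In the `--with-colons` listing, a choice-1 key shows a `pub` record with algorithm 17 (DSA) and a `sub` record with algorithm 16 (Elgamal, encrypt-only), while choices 2 and 5 produce no `sub` record at all, which is the whole difference the menu text leaves unexplained. At the interactive prompt, the '?' David mentions prints GnuPG's own explanation of the same choices.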