This week former Twitter engineer and microcelebrity Moxie Marlinspike unleashed a torrent of criticism against the Gnu Privacy Guard encryption software, which he loosely justified by confusing an etiquette problem with a technical problem.
There just seems to be something particular about people who try GPG and conclude that it’s a realistic path to introducing private communication in their lives for casual correspondence with strangers.
This criticism is only reasonable to the extent that private communication among strangers is a factual impossibility, as the extant lack of an relationship between strangers necessarily implies the lack of a basis for trust or privacy. It is a purely social problem with a social solution. The solution consists of being extraordinarly selective when it comes to corresponding with strangers and only doing so when the correspondence actual provides a real value to the recipient. The only actual problem Marlinspike is raising here is that GPG simply makes messages which were already spam simply more annoying spam.
From there Marlinspike mimes what could have been technical criticism by presenting GnuPG in contrast to the various sorts of "privacy" tools he collects his alms for developing. While GnuPG is by his own admission "powerful and flexible" he prefers "opinionated" software with a "simple interface" which removes the option for the user to adapt the tool to the peculiarities of their use case. He bemoans that the documentation is verbose and descriptive instead of being limited to the labels on a set of GUI buttons. He also argues the published user numbers of GnuPG according to keyservers are dismal while neglecting that many use cases involve not publishing public keys to keyservers and the "strong set" of well connected GnuPG public keys is still further removed from being a potential indicator of actual uses of GnuPG.
He specifically equates the "strong set" of GnuPG keys which merely enumerate people who use the software a particular way with the software's installed base. The actual installed base includes nearly all Linux installations on top of the every time where GnuPG is installed on other platforms. Even when the Linux users don't use it for anything else, they use it when they download sources and packages from their distribution's repositories. Is every user going to be aware they depend on GnuPG this way, no. That merely makes the claim more insidious as Marlinspike who knows better is certainly playing to his audience's ignorance in order to distract from the ubiquitous use of GnuPG in the real world.
With the lack of strong warrants to support his argument, it becomes imperative to consider what he would offer instead of GnuPG. His offerings consist almost entirely of graphics heavy applications which only work when used from the some of the least trustworthy computing platforms available on the market, smartphones. Devices where even the open source components are infrequently read to the point they might as well be closed source, and even "open" designs have at the most primal location of their software stack closed source turds beholden to the network operators. This is on top of the other ways in which the devices are openly hostile to actual users. In most charitable interpretation of facts, they simply can not be trusted to leak private keys. Further incriminating his "solutions" is a tendency for them to have hard dependence on centralized servers to function.
The thing about use cases for GnuPG is that the number of them being implemented is actually increasing. The Bitcoin Foundation maintaining a network client faithful to the Satoshi codebase has implemented a beautiful sign on read system for code patches which both enumerates and puts names to actual sets of eyes reviewing code changes which allows for enumerating goodness as opposed to merely hoping that the myth of thousands of eyes reviewing Open Source software actually exists, which historically1 has not been the case. This arrangement empowers users to carefully choose their patches based on the strength of their trust or lack thereof in the particular patch submitter and the patches readers. It also increases the obstacles set in from of a social engineer by orders of magnitude as the do-ocratic ethic of accepting thousands of lines of code, of which few might be evil, on the strength of one signature is replaced by a strong emphasis on selecting code on the endorsement of literate readers who understand the code.2
When it comes to selecting a tool for purposes of ensuring strong privacy or authentication GnuPG's flexibility, power, and history make it uniquely irreplaceable on a large scale. If GnuPG is ever replaced but a tool that sheds some of the baggage that the long history of the OpenPGP standard leaves GnuPG obligated to the tool is going to likely resemble Ted Unangst's reop than anything Moxie Marlinspike is peddling. If only reop included support for very large RSA keypairs, an implementation in Ada that runs on bare metal, and a more than a decade of history involving safe use of the tool. Essentially a future GnuPG replacement would be a spiritual successor to GnuPG 1.4.x similar in being a powerful and flexible command line tool, different in discarding ciphers and weak key lengths that have no business being used anymore and parts of the OpenPGP standard which no longer offer value. Most critically it is at least a decade away from existing as anything more than a proof of concept.
Marlinspike is selling a vision where a simulation of cryptography to offered to everyone down to the lowest common denominator and the utility of the tools must be hedged with exceptions. You conversation might be private, except if the phone company or employees of it are potential adversaries. Your communication channels might be open, except if an adversary takes out or compromises a small handful of centralized servers. If you want or need to keep your private keys physically separated from your network he doesn't have an app for that. Marlinspike's brand of cryptography just might save people from the neighborhood gossip, but at best offers worse than a placebo for people who might rely on cryptography for protection against a repressive regime. While GnuPG maximally empowers the user who cares enough to read, Marlinspike's "opinionated" software makes compromises he finds personally acceptable chasing adoption at the cost of user empowerment.
The most charitable interpretation possible is that Marlinspike merely wants to dictate to users the exact amount of cryptography he finds acceptable. An only slightly less charitable interpretation is that Marlinspike is contributing to a social engineering attack with the goal of discouraging users from accessing strong encryption, or making access to strong encryption outright impossible.
Note that in this case the guilty party was actually promoted to become the project's secretary. ↩
This point was raised in the IRC channel of Devuan, the systemd less fork of Debian, to a generally positive reception six day's before Marlinspike, a prominent do-ocrat, penned his essay suggesting GnuPG has run its course. ↩