Comment by JumpCrisscross
7 years ago
> Once someone understands public and private keys, and webs of trust
Nobody in the general public wants this.
7 years ago
> Once someone understands public and private keys, and webs of trust
Nobody in the general public wants this.
Okay, don't assume people won't be interested in interesting things. Who is this general public, anyway? It's not an homogeneous group; it's made up of physicians, mechanics, teachers, lovers, Doomsday preppers, engineers, preachers, and all kinds of people who have special interests. The thing I see is that if you show them how it matters to them in their special role, rather than to them as members of this general public, they may well take an interest. Some of them may become very deeply interested indeed, if they needed such a thing but didn't know about it until you showed them!
It's interesting to you, not to most other people. Source: 25 years of talking to people about encryption. Most people just want stuff to work, not to know how it works.
Honestly, it's not been that interesting to me in general. It's only interesting to me for the same reason it might be interesting to the sorts of people I enumerated --- because of the ways it can be useful to me. I don't really care about how it works, in depth; I just want it to keep my stuff private. The only difference is that I have just enough technical expertise, as a programmer, that I can see its applicability without having it explained in a sympathetic manner.
An awful lot of people in the general public do.
Especially if their tech-savvy friends are confident they can learn about it - because it really isn't that complex - and if they understand that keypairs and trust are the basis for literally all digital security.
That doesn't mean they shouldn't.
I'm assuming you do everything you should right? So... perfect body? Saving account? great family life? Work is flawless?
Life doesn't happen in a vacuum and specialization is a thing. People spend their time on different things.
Everyone should do A LOT of things but don't. You can't hold a billion people accountable for that. They thought for whatever reason this was a reasonable trade off. Turns out... maybe not.
Instead of being a fucking nerd about it, lets work to help people move to better services.
"ummmmm... actually, you should learn about GPG encryption for your files".
FFS.
I'm fairly tech savvy (ok, I'm an expert compared to my non-tech family and friends, but not compared to people here). I even had a copy of pgp on my Windows 3.1 machine shortly after Phil Zimmerman created it. I didn't understand it then, and I don't want to understand it now. The better and easier solution has been to avoid putting stuff I don't want anyone to know about me on the internet.
I'm a linux sysadmin, and GPG is horrible. Complicated, complex, with weird naming scheme, multiple programs (gpg vs gpg2), etc - but it's a brilliant example why all of this is so complicated. Other ideas about describing the trouble trust means on the internet are welcome.