> "Consider your average investigative journalist or whistleblower, with Windows or a Mac, that they haven't updated because then their kids' favorite game doesn't run anymore or they simply don't want Windows 10.
....
This makes forward secrecy a mandatory requirement, as this implies that the malware has to be constantly active and thus also enhances chances of detection and mitigation."<p>This is a bit of a straw-man argument. Forward secrecy or not, if you can get root on the client device, you own everything. So if you are a journalist/whistleblower, and have invested the effort to learn PGP, you should use Tails or something more appropriate for your job than Windows or a Mac.<p>Edit: This may be a good use case for hardware support for trusted execution (Intel SGX), along with all the other nasty features that it brings (DRM). The threat model for trusted execution is that the OS cannot be trusted whereas the app is sacrosanct.
I think the title is a little inflammatory. The conclusion does not say we should stop using PGP but consider the weakness inherent in its operating model and assumptions when evaluating future replacement. I think it is fair to say that the world is still waiting for said replacement, and until that arrives, PGP still has a number of valuable properties, one of which being <i>it exists</i>.
My biggest point of contention with this is... what should replace it? PGP is the current and retroactive pseudo-standard for verification for everything from email to code to builds.<p>Any replacement would have to be at least semi-compatible, so as not to break the (likely) hundreds of solutions relying on and expecting PGP.
Perhaps I'm just out of touch, but I'm not familiar with any of the alternative tools they mentioned. If we retire PGP (and its GNU clone), what widely available tool should we use in its stead?
Another "I don't think PGP is good enough" and "here's all these things"<p>Yet none fully replaces PGP yet. Before you actually retire PGP, maybe you need one of these projects to finish a real, complete, reviewed and high quality replacement ;-)
> hopefully there'll be more and better tools<p>Good criticism, but we need an actual plan for "repeal and replace", rather than "hope" for better tools.
I started reading to know what's wrong with PGP, but it very quickly escalated to the discussion about making educated bets about cryptography as a whole. I think this is a hugely important topic and it is a real shame this is not being discussed more. Maybe security people are more conscious about that (I surely hope so), but the general public doesn't seem to be. And by "general public" here I actually mean self-proclaimed paranoids and not your grandma or a girlfriend. We talk a lot about if something is proclaimed secure by so-called experts, about theoretical weaknesses of Telegram or something, monitor important 0-days, buzz about how bad it is to give all your private data to Facebook or Google and how fucked we all are. But we rarely seriously talk about who our adversaries really are, what exactly we are trying to protect and if we're using the right tools for that. About making educated bets. And at the end of the day, this is all it is actually about — making educated bets. Because not all our data, not all our accounts are equally important, and they are not equally important to the different kinds of adversaries. So the only way to be somewhat secure is to recognize that there's no absolute security and we cannot protect everything. So better start taking it consciously and focusing on what's really important.