SoylentNews is people
SoylentNews
posted by
martyb
on Sunday November 08 2015, @02:06PM
from the Wbuaal-qbrf-abg-rira-haqrefgnaq-EBG13 dept.
from the Wbuaal-qbrf-abg-rira-haqrefgnaq-EBG13 dept.
This paper presents the results of a laboratory study involving Mailvelope, a modern PGP client that integrates tightly with existing webmail providers. In our study, we brought in pairs of participants and had them attempt to use Mailvelope to communicate with each other. Our results shown that more than a decade and a half after "Why Johnny Can't Encrypt," modern PGP tools are still unusable for the masses. We finish with a discussion of pain points encountered using Mailvelope, and discuss what might be done to address them in future PGP systems.
The PDF of the study can be found here.
This discussion has been archived.
No new comments can be posted.
Why Johnny Still Can't Encrypt: Evaluating the Usability of a Modern PGP Client
|
Log In/Create an Account
| Top
| 69 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Either I'm dead or my watch has stopped.
-- Groucho Marx's last words
(Score: 1) by driverless on Monday November 09 2015, @02:58AM
Trying to operate the GPG command line tool is like trying to summons a minor deity.
I'll say. Last year I mistyped a GPG command and Phil Zimmerman himself appeared in a puff of smoke. I took the opportunity to get his autograph, but even he couldn't figure out how to do what was needed with GPG.
To get things done with GPG takes keeping a crib sheet of operations to perform so everything doesn't become a black hole for time.
This is exactly how I use GPG, I have a text file with various pre-worked-out incantations that I paste onto the command line. A security dude I met at a conference once said that he wrote his own command-line app to do PGP en/decryption because it was easier than dealing with GPG. One command to encrypt mail, one command to decrypt mail, and that's all.