The GnuPG team is pleased to announce the availability of a new release
of GnuPG modern: Version 2.1.10. The main features of this release are
support for TOFU (Trust-On-First-Use) and anonymous key retrieval via
Tor.
...
Noteworthy changes in version 2.1.10
====================================
[More after the break.]
* gpg: New trust models "tofu" and "tofu+pgp".
* gpg: New command --tofu-policy. New options --tofu-default-policy
and --tofu-db-format.* gpg: New option --weak-digest to specify hash algorithms which
should be considered weak.* gpg: Allow the use of multiple --default-key options; take the last
available key.* gpg: New option --encrypt-to-default-key.
* gpg: New option --unwrap to only strip the encryption layer.
* gpg: New option --only-sign-text-ids to exclude photo IDs from key
signing.* gpg: Check for ambigious or non-matching key specification in the
config file or given to --encrypt-to.* gpg: Show the used card reader with --card-status.
* gpg: Print export statistics and an EXPORTED status line.
* gpg: Allow selecting subkeys by keyid in --edit-key.
* gpg: Allow updating the expiration time of multiple subkeys at
once.* dirmngr: New option --use-tor. For full support this requires
libassuan version 2.4.2 and a patched version of libadns
(e.g. adns-1.4-g10-7 as used by the standard Windows installer).* dirmngr: New option --nameserver to specify the nameserver used in
Tor mode.* dirmngr: Keyservers may again be specified by IP address.
* dirmngr: Fixed problems in resolving keyserver pools.
* dirmngr: Fixed handling of premature termination of TLS streams so
that large numbers of keys can be refreshed via hkps.* gpg: Fixed a regression in --locate-key [since 2.1.9].
* gpg: Fixed another bug for keyrings with legacy keys.
* gpgsm: Allow combinations of usage flags in --gen-key.
* Make tilde expansion work with most options.
* Many other cleanups and bug fixes.
A detailed description of the changes found in the 2.1 branch can be
found at https://gnupg.org/faq/whats-new-in-2.1.html.
(Score: 2) by gnuman on Tuesday December 08 2015, @10:01PM
Right now I think it would be more important to make encryption *easy*
No.
Encryption is no a panacea and to use it correctly you need to know how it works, more or less, or all you are doing is undermining your and possibly other's information safety. There is already a massive amount of information of web-of-trust and how to use GPG properly. If that is too much of a pain for you, then your use-pattern will not benefit from GPG anyway since, for sake of convenience, you will bypass required manual checking. In that scenario you are no better off than without it.
(Score: 2) by VLM on Tuesday December 08 2015, @10:55PM
And the other problem is application of a GUI shell never made something inherently complex, simple. Usually a GUI makes things harder to use.
You can make a bad UI easier, sometimes, with a good gui, but on average trying to layer any random UI on top of any other UI isn't going to improve anything.
You run into this a lot with the noobs talking about DF. Ya know, if the software company (its actually one dude..) upgraded it to make the dorfs cute cartoons, it would be way easier to play. And then all the DF players hurt themselves rolling their eyes. Sure, that's the problem, sure... Maybe in the opinion of a non-player.
(Score: 2) by Zinho on Tuesday December 08 2015, @11:35PM
Then it sounds like the challenge is education. In the perfect world everyone has the benefits of good encryption, not just the intellectual and programming elites. If the massive amount of information [thecodelesscode.com] that's available isn't within the mental grasp of the PHBs, grandmas, and department secretaries of the world then we can't expect the rest of us to get the benefits of herd immunity that we'd like.
One way or another we should bridge the gap between where we are and where we'd like to be. That will probably take:
* convincing everyone that encryption is important and worth their time
* making the tools and education needed accessible to everyone
* rolling out good encryption everywhere
As you correctly pointed out, doing it wrong hurts everyone. If the bar of learning to use the tools properly is too high (too much time investment required) then either the tools are wrong, the educational materials are wrong, or both. At the moment, I'd say that it's both.
"Space Exploration is not endless circles in low earth orbit." -Buzz Aldrin