Folks,
                I’m an ardent reader of this (and a few other) mailing lists, 
but usually stay quiet and in the background. However, in light of global 
events and paradigm shifts in the last few months, I’m tempted to speak up.

                While I do use PGP/GPG, I have to admit that the usage has been 
minimal and sporadic over the last few years, with the usual suspects as 
reasons. But the biggest reason of course is “adoption” i.e. very few in my 
social/professional circle use it. Now, we all (probably, subconsciously?) 
know/acknowledge why that is, we are in 2014 after all. 

                My personal belief is that the awareness for secure 
communications is starting to rise, not just for the niche users who are 
already using it/know how to use it, but for the “average Joe user” as well. My 
definition of the “average Joe user” btw is someone who:

-       Has at least one computing device, if not more
-       Is familiar with email
-       Is already using various online mediums
-       Has usually never thought about “secure communications” or maybe in an 
abstract fashion

Now, the barrier to entry of secured communications is high. I realize that. 
I’m sure a lot of you do as well. It’s not easy, it takes time, patience, a 
certain level of expertise and a tacit acknowledgement that they need to use it 
in the first place (probably the most important).

The “secure communications” paradigm of course spans a whole spectrum from “I 
don’t give a ****” to “I’ll do anything to protect my communications, including 
giving away my first born”. I suspect the “average Joe user” in 2014 is 
slightly above the former, but way below the latter. Without going to the other 
end of the spectrum, what will make adoption of secure communications a bit 
more palatable to the “average Joe user”?

Let’s list a few arguments:

-       I don’t even know what I need. – Well, assuming they are starting to 
recognize the need, I suspect they will find out relatively easily as to what 
they need. With a few caveats of course. There’s way more FUD/noise/BS out 
there than the average person can decipher, so it’ll probably end as being 
word-of-mouth recommendations or such.
-       Even if I know what I need, getting it/installing it is hard. – It is. 
The setup/install needs to be simpler, i.e. as simple as installing an “app”. 
That is what the average Joe user is capable of.
-       WTF is a key pair/public key/private key/<insert more arcane 
terminology>… -  This IS a big problem. I may get it, you may get it, how does 
the average Joe user gain that understanding? The nomenclature needs to be, 
well, something that the average Joe user can understand as well. They 
understood SSL (well, for the most part).
-        … several more similar arguments.

Now, what will help drive this adoption more?

-       A better install experience?
-       A “dumbed down” (if you will) taxonomy that they can understand?
-       Simpler UIs? (without sacrificing secure functionality)
-       Better integration with existing systems?
-       Education? i.e. ongoing information dissemination that educates people 
on these things. Newsletters? How tos? Youtube videos (shudder)? And others.
-       Start hitting them on the head with a baseball bat? 

All thoughts are very much welcome and appreciated.

Kapil Aggarwal.


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to