by Dan Moren
Email encryption developer running out of money
Fascinating story by Julia Angwin at ProPublica about Werner Koch, the sole developer behind the most popular email encryption program:
Werner Koch wrote the software, known as Gnu Privacy Guard, in 1997, and since then has been almost single-handedly keeping it alive with patches and updates from his home in Erkrath, Germany. Now 53, he is running out of money and patience with being underfunded.
I tried to set up GPGTools on Apple Mail once and while it wasn’t the easiest process in the world1, the bigger problem is that so few people use email encryption. Adoption is essentially nil among mainstream consumers.
Apple makes a big deal of the security of iMessage and FaceTime, and we all know to look for the padlock icon in our web browsers. But email is still a huge part of how we communicate online—think of how much critical information is exchanged in plaintext across the Internet everyday. A company like Apple building a transparent, one-click encryption system into its mail client could go a long way toward securing that traffic, even if it were only between users of Apple devices.2
Encouraging the adoption of email encryption by actually investing it would be a great start. It seems like it would be in the interests of most major tech companies—like Google, Microsoft, and Apple—to keep Koch in business, given how much of a concern security has become.
Update: Scot Olsen points out via Twitter that Apple started encrypting most of the email to and from iCloud accounts last year, though the ultimate security of those messages still depends on the weakest link in the chain, and many mail servers may not be set up to support encrypted messages.