six colors

by Jason Snell & Dan Moren

Support this Site

Become a Six Colors subscriber and get access to a special weekly podcast, monthly newsletter, and community.

Linked by Dan Moren

Email encryption developer running out of money

Fascinating story by Julia Angwin at ProPublica about Werner Koch, the sole developer behind the most popular email encryption program:

Werner Koch wrote the software, known as Gnu Privacy Guard, in 1997, and since then has been almost single-handedly keeping it alive with patches and updates from his home in Erkrath, Germany. Now 53, he is running out of money and patience with being underfunded.

I tried to set up GPGTools on Apple Mail once and while it wasn’t the easiest process in the world1, the bigger problem is that so few people use email encryption. Adoption is essentially nil among mainstream consumers.

Apple makes a big deal of the security of iMessage and FaceTime, and we all know to look for the padlock icon in our web browsers. But email is still a huge part of how we communicate online—think of how much critical information is exchanged in plaintext across the Internet everyday. A company like Apple building a transparent, one-click encryption system into its mail client could go a long way toward securing that traffic, even if it were only between users of Apple devices.2

Encouraging the adoption of email encryption by actually investing it would be a great start. It seems like it would be in the interests of most major tech companies—like Google, Microsoft, and Apple—to keep Koch in business, given how much of a concern security has become.

Update: Scot Olsen points out via Twitter that Apple started encrypting most of the email to and from iCloud accounts last year, though the ultimate security of those messages still depends on the weakest link in the chain, and many mail servers may not be set up to support encrypted messages.


  1. When I think of my family or most of my friends trying to set up encryption, well, let’s just say it’s clear why adoption’s so low.  ↩

  2. I’m sure intelligence agencies would love that. Which is, in and of itself, enough reason to do it.  ↩