A couple weeks ago I had found out that a friend was keeping his passwords in a google sheets document. I was horrified. But he’s a normal person. I mean, not more technical than the next guy, or just a little. He’s using the web interface of gmail for his mail, like many people do (I even know very technical people doing it, which is still boggling me). I looked around and found mailvelope. So I hook him up on it and now he can use GPG.
In the past 20 years I have seen the timid evolution of personal encryption. Oh there are initiatives like Keybase, various simple tools like passowrdstore or Felony that I discovered this week. But it seems that encryption don’t really stick to the usages, unless you have a specific thought about it. Fortunately there is some wise generalization of SSL for inter-server communication, with initiatives like lets encrypt. But inter-personal communication is still wide open.
More and more it is well-known that our data is food for various corporation, governmental agencies, and dark organizations. What will it take for getting the users to claim better privacy? Will it ever happen?
I mean, yes for sure people can use the tools. But it’s cumbersome. Until encryption is embedded in our tools and services, it simply won’t spread significantly enough. There are some projects like Caliopen that try to do so. On another hand, we have seen some services like Telegram which provide such service, and even some mainstream providers like Whatsapp jump into the full-encryption train. So maybe there is hope? I still wonder what’s the part played by Facebook (which now owns Whatsapp) in that move.
The recent fight between Apple and US government was supposed to set some kind of precedent. Too bad it was aborted. But they would have complied at the end, this is my bet. Now that encryption is the only way for companies to legally keep their users safe from legal (and illegal) inquiries, maybe more will consider it?
If you have two onces of technical savyness, please stop running naked on the streets. Gear up and use encryption whenever possible.