I don’t understand why people want to replace PGP. Of course we can improve the technology but the fact is that security is hard and requires interplay between the humans, processes and technology to work. It’s not enough to rely on just one of those pillars.
There is an illusion in the world of IT that we can solve everything with technology.
Maybe the reason why people don’t want or like PGP is because it needs strong human processes to work properly and keep its integrity, and that breaks the illusion that you can easily solve everything with tech.
> Maybe the reason why people don’t want or like PGP is because it needs strong human processes to work properly and keep its integrity, and that breaks the illusion that you can easily solve everything with tech.
What you've got here is pretty much the mirror of the argument you've dismissed a paragraph earlier. Now you're desperate to rely on humans instead.
This makes me think about Snowpiercer, for two reasons. One is that Snowpiercer has this ludicrous conceit about replacing unavailable engine components with humans but the other is that we've really been here with the actual railway trains in the nineteenth century.
There was a pattern. One of these new-fangled railway trains crashes, often killing many people, the company directs public blame toward the driver, who will be portrayed as incompetent, drunk or worse and so fully responsible for the accident. Nothing changes, rinse, repeat. How was this cycle broken?
We did not find some species of super-human train driver; instead we invented technology such as the Absolute Block system, Interlocking railway signals, the Dead Man's Handle. Even apparently trivial technologies like the Driver's Reminder Appliance (it's just a switch!) are still technology.
PGP isn't very good technology. Like one of those early mechanical signals that might seem to indicate "clear" but it's actually just weighed down by snow and frozen in place so that it can't indicate "danger" instead, the way forward isn't "We need to rely on super-humans to compensate for the shortcomings of the technology" but "We need a technology that sucks less so the humans don't need to be super-human to succeed".
What part of PGP precisely? I've read a lot of criticism of PGP but they were either focused on a specific (catastrophic) implementation such as GnuPG, or were really skeptical of usage by non-technical humans.
I know quite a few people doing PGP email with Thunderbird and they're pretty happy with it. It's also very convenient that their GNOME-based Tails operating system has PGP sig verification enabled as a context menu entry in the file manager, same for encryption/decryption.
Basically, once you know what public/private keys are, you've got all you need for secure communications. Is that a bad thing? My only HUGE criticism of PGP is with the key servers. It's getting better now with WKD, OpenPGPCA, etc. I'm really excited about the Sequoia project. From their blog/docs it appears all my criticisms of PGP are being addressed.
When PGP was invented, a bunch of things we are now quite sure how to do either were experimental or hadn't been discovered. In some of those cases you can retro-fit to PGP, so e.g. you can use a nice elliptic curve signing primitive instead of RSA, you can do AES instead of IDEA. So far not too bad.
But then in some cases what we became quite sure about is that PGP's principles/assumptions are themselves wrong. For example, PGP is pretty sure a message ought to have a digital signature from the sender so you know who it's from. But that's wrong, now you're helping the recipient prove to everybody else what you sent them. That doesn't sound like "pretty good privacy" at all. If instead we do message integrity correctly we can assure the recipient that you wrote it, but since they could have forged that assurance they don't have proof you wrote it which they could show to anybody else. They could tell others what it says, but they could just as well make up any rumours they want.
The worst of these problems is the Web of Trust. The Web of Trust can't work. It might work if everybody you know is a cryptographer and everybody they know is a cryptographer and so on. But it can't work in real life, and often in describing it people make revealing mistakes.
Let me quote somebody else making such a mistake (not on HN) and then I'll reproduce part of my response to their mistake in answer:
"How much do you trust guy #53 of 120 you met at FOSDEM? Do you remember how well you checked his ID?"
I am 100% certain my mother is my mother, but I wouldn't trust her as far as I can throw her. And this is where the WoT breaks down. Your trust metric must reflect your confidence that these people will do their part correctly in the WoT, but even conscientious users often don't understand how to do their part correctly, so realistically almost everybody's "trust" indication for almost everybody should be zero. At which point it's not a "web" it's just a bunch of unconnected points.
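The integrity property described in the comment above (the recipient is assured who wrote a message but holds nothing they could show to anyone else), sketched as an added illustration that is not part of the thread: a MAC under a key both parties hold. The shared secret is a constructed random value standing in for the output of a key exchange, and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets


def derive_auth_key(shared_secret: bytes, context: bytes) -> bytes:
    """Derive a per-conversation MAC key from a secret both parties hold."""
    return hmac.new(shared_secret, b"auth-key|" + context, hashlib.sha256).digest()


def make_tag(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()


def check_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(make_tag(key, message), tag)


def demo() -> dict:
    # Constructed stand-in for a secret agreed between Alice and Bob.
    shared_secret = secrets.token_bytes(32)
    key = derive_auth_key(shared_secret, b"alice<->bob")

    # Alice authenticates a message; Bob checks it with the same key.
    message = b"Meet at noon."
    tag = make_tag(key, message)
    bob_accepts = check_tag(key, message, tag)

    # Integrity still holds: a modified message fails under the original tag.
    tamper_detected = not check_tag(key, b"Meet at nine.", tag)

    # Someone without the key cannot produce a tag Bob would accept.
    outsider_tag = make_tag(secrets.token_bytes(32), message)
    outsider_rejected = not check_tag(key, message, outsider_tag)

    # Bob holds the same key, so he can tag text Alice never wrote. A third
    # party shown (text, tag, key) cannot tell which of the two produced it,
    # so the transcript is not proof of authorship the way a signature is.
    invented = b"Text Alice never wrote."
    invented_tag = make_tag(key, invented)
    indistinguishable = check_tag(key, invented, invented_tag)

    return {
        "bob_accepts": bob_accepts,
        "tamper_detected": tamper_detected,
        "outsider_rejected": outsider_rejected,
        "recipient_tag_is_equally_valid": indistinguishable,
    }


if __name__ == "__main__":
    print(demo())
```

Bob can rule himself out as the author, which is why the tag convinces him; nobody else can rule him out, which is what a digital signature from the sender gives up.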
It's funny that you could make literally the same argument about C, especially since so much of the PGP ecosystem relies directly and entirely on software built in C.
There is an illusion in the world of IT that we can solve everything with technology.
Maybe the reason why people don’t want or like PGP is because it needs strong human processes to work properly and keep its integrity, and that breaks the illusion that you can easily solve everything with tech.
Happy birthday PGP!