FAQ: Technical Questions & Answers
Why not user-to-user PGP?
Trying to get individuals to encrypt their email has had 20 years to work. There are excellent guides from Freedom of the Press, EFF, and Free Software Foundation. But it's a lot to learn and a lot of work. Bruce Schneier says, "If PGP has taught us anything, it's that one click is one click too many." Only experts encrypt their email.
It's time to protect the rest of us.
With GoodCrypto the users themselves don't have to do anything to encrypt. GoodCrypto does it for them, in a private server connected to their mail server. For almost everyone the alternative is unencrypted mail. Another huge advantage is that people can keep using the mail software they know on any platform they want.
Without a solution like GoodCrypto almost all email is unencrypted. Anyone who taps the line can read it. We suggest you limit that risk to your own administrator. Everyone in the group gets PGP mail. The tradeoff is that your mail administrator who can already read your mail can still read your mail.
Experts can still encrypt their mail themselves. But now everyone else in the group gets encrypted mail too. Everyone is protected.
Individual users have a terrible record for using crypto, and a worse record for protecting their computers. Botnets show that mass cracking is already automated. How can you protect all those user computers?
Most people already trust servers to protect private keys for HTTPS, SSH, and more. It is possible to protect servers. Otherwise banks and stock exchanges would suddenly find their money gone.
Because blocking spam and malware requires the decrypted message, end user encryption also means users have to deal with spam and malware themselves. Some of that malware will crack their system for their keys. And businesses often need a record of all mail.
Transparent encryption works for everyone.
To stop mass surveillance we need mass encryption.