Comment Re:Thie is the wrong move! (Score 1) 37
All of them prefer Signal, which has its issues (particularly being tied to a phone number, which is both a strength and a weakness) but which is far, far easier to use,...
Usability is a huge issue for encrypted messaging. PGP is included here. Unfortunately, so is Signal. In a usability study involving Signal[1], 21 out of 28 computer science students failed to establish and maintain a secure end to end encrypted connection. The problem was with identity verification.
...and is probably more secure than PGP/GPG will ever be.
Related to the Signal usability issue related to identity verification, Signal cheerfully allows a user to do messaging without any such verification at all. So that means that Signal, Twilo (the entity that does the phone # verfication) and the phone company all have the opportunity to MITM the connection and get your messages. PGP will insist that you acknowledge that you have done the verification by signing the PGP identity in question. So, for almost all the people that currently use Signal, PGP would actually be more secure.
Signal isn't the only instant messenger that allows insecure operation with unverified identities. In general, if you don't make the issue clear to the user, you are being at least a little dishonest on your end to end encryption claim.