It makes more sense than not encrypting your messages at all. Actually it's dramatically changing the sort of problem that you're dealing with. If you really just don't trust Apple at all, then I get it. Don't use their products at all, because they could have put in NSA backdoors to everything, so use FOSS.

But my point wasn't that we should trust Apple. My point was that Apple managed to create an encryption scheme for messaging that results in every message being encrypted, without the user being expected to do special configuration and key management, and it's baked into their software by default. If Apple can do it, why can't someone else?

For starters, if we want GPG to be the default for encryption, why can't we have thunderbolt built in such a way that it includes GPG, Enigmail, and everything else? Why not have the default setup prompt to set up encryption, generating keys or restoring them if they don't already exist? And what's your plan to standardizing backup/recovery of keys?

Fine, don't trust Apple, but then build your own system that's at least as good.

Only if you assume that Apple is a burglar, in which case, don't trust them with anything. But in reality, it's just too much of a big deal to not trust anyone with anything. I put my money in a bank, even knowing it's possible for them to make unethical use of my banking records. I store my email on Gmail. I store my website with my web host. I accept SSL certificates from certificate authorities. I buy my phone from Apple and my laptop from Lenovo. There could be hardware chips built in by the manufacturers that are logging my keys. Realistically what am I going to do if I don't trust anyone? Even when I use Linux, I'm still trusting people. I didn't do a code audit myself.

You can use the same encryption scheme for encrypting anything.

Not necessarily. You just need to make key management easy. I know people are going to get angry every time I bring up Apple, but OSX can store certificates/keys in the keyring, which can then be backed up to iCloud. Don't trust Apple if you like, but my point is that it's not impossible to make the whole thing much more automatic, safe, and easy for normal users.

The problem with public key encrypted email is that your keys only work for encrypting email you receive, not the email you send. In order for an email to be private, the receiver has to set up encryption.

While I'm sure I could set up encryption for my email quite easily, I can assure you most of my friends and family have no interest in going to the effort.

In addition to that, encryption only encrypts the body of the message. The to/from addresses, header line, and other tags are sent in plain text, regardless of whether you "encrypt" your email. And the NSA, et. al. claim they're only interested in that header information in the first place to identify who your contacts are, not what you're saying to them.

So encrypt away -- they're still getting the info they want from your email headers.

People understand what cars do better than they understand computers, and when you lose your car keys, you don't lose the whole car.

Explanation needed.

And yet, as I point out, Apple has done it with iMessage. A lot of sites encrypt their traffic with SSL.

I think the real problem is one of standards. Email is from a time when everyone wanted open standards. Rather than improve and refine those standards, everyone is moving towards closed systems (Facebook/Apple Messengers, Google Hangouts, etc.). Nobody is even trying to improve email anymore.

I think that if that person knew what he was talking about, he would have said, "Open source has the potential to greatly increase the quality of code because the world can see the source and make fixes."

Just because there's the potential for FOSS to be more reliable and more secure doesn't mean that every project will be. And even so, nothing will eliminate all bugs.

Stop using your 'gut' and start educating yourself and using your brain.

There's no point in encrypting your email with something like GPG if you're the only one using it, and most people aren't going to use it until it's easy.

I know, you'll tell me it's easy. Just download this software, install it, and it'll work for your email client assume you're still using an email client and there's a plugin available for it, which there might not be. Otherwise you need to copy and paste and stuff, and... oh right, then there's also the whole issue of managing keys and keeping a backup copy safe. Most people don't back anything up.

You have to make it easy. Someone will get angry because I appear to be praising Apple, but take iMessage's encryption for example. Do people using it know that their messages are encrypted? Probably not. Are they given a choice? No. Do they know that they're generating encryption keys? Probably not. Are they asked to manage their own encryption keys? No.

That's easy. GPG isn't. Email encryption needs to be that easy, or people won't use it.

" that make Al-Qaeda seem a bunch of amateurs."
no. The Mob has nothing on Al-Qaeda. Al-Qaeda is a global organization bent on destruction. Maybe person AB is a banker laundering money who has contacts into several cells and they want to track where that money goes to the specific person? Maybe some of that money moves through a well connected political corporation? Maybe if people know who they are it will spark a series of attacks?

My point is I can see a place for them. How do we be sure it isn't abused? A law that says the records are opened in 3 years?

AT&T and Verizon can pick over the corpse. That's a near certainty. Sprint will be $54 billion in debt with a shrinking customer base and nothing but the same disasters on the horizon of pretending to 'integrate' two absolutely incompatible networks. It's as if Sprint is run by the Federal government or the Soviet Union.

This seems really dumb to me. Having your bank track your whereabouts seems like a bad trade-off. How about we just fix the credit card system instead?

Like how about we use a private key encryption scheme instead of a credit card number in order to pay? If you want to have cell phones involved, they would make an easy method of storing and accessing the key, providing a digital signature when needed. Doing that would actually provide a huge improvement in security, and do so without having my bank constantly tracking my whereabouts.

Forcing somebody to do what they don't want to do isn't slavery?

Which you say right after being a prohibitionist yourself. See what I mean?

Then the word 'art' is meaningless.