Once-starving GnuPG crypto project gets a windfall. Now comes the hard part

For almost two decades, the open source GnuPG encryption project has teetered on the brink of insolvency. Now, following word of that plight, the lone developer keeping the project alive has received more than $ 135,000—in a single day, no less.

Short for Gnu Privacy Guard, GnuPG or simply GPG was first conceived in 1997. It makes up the guts that run GpG4Win, GPG Tools, and Enigmail, encryption programs that run on Windows, Macs, and as a plugin for the Thunderbird e-mail program respectively. An open source version of Phil Zimmermann’s PGP, GnuPG quickly surged in popularity. Because it was written by a German citizen outside the US, it wasn’t subject to then-draconian US laws restricting the export of strong cryptography technologies. Former NSA whistleblower Edward Snowden relied on the program to evade monitoring as he carried out his massive leak of top-secret documents. Many journalists and security professionals also swear by it.

Despite the popularity of the program, Werner Koch has struggled to make ends meet. According to a profile published Thursday by ProPublica, the 53-year-old resident of Erkrath, Germany, grew so impatient with the lack of funding that he considered abandoning the project and taking a better paying programming job. When documents leaked in 2013 by Snowden showed the extent of NSA surveillance, he decided the time wasn’t right to drop the project. He has been stuck in limbo ever since.

Read 9 remaining paragraphs | Comments


Ars Technica » Technology Lab