The PGP Problem (2019)

PGP Is a 90s Relic, Says Post—Fans, Haters, and Snowden Defenders Clash

TLDR: A viral post says PGP, the old-school encryption tool, is outdated and confusing. Commenters fought over fixes: some want simpler replacements like minisign and cite talk of new attacks, others say “gpg protected Snowden,” leaving regular users asking what to use next and why it still matters.

The internet dusted off a 90s icon and started a brawl. A viral post drags PGP—the old lock-and-key tool people use to protect emails and files—as an overstuffed “Swiss Army knife” that does everything badly, with confusing parts and outdated choices. Commenters swarmed with strong feelings: some yelled “finally!” while others clutched their keychains.

On Team Burn-It-Down, one user said the drama is back because of fresh hacks flagged at CCC, a hacker conference, and cheered the article’s takedown of PGP’s 90s vibes. But Team Can’t-Quit-You fired back with nostalgia and practicality: one fan argued the “Swiss Army” design is exactly why GPG (a popular PGP tool) is powerful—keys, revocations, signatures, it’s all there—and begged for a “modern version” rather than a funeral. The pragmatists pointed to the real blockade: even if PGP is clunky, ripping it out of Linux and big software projects is hard. One commenter pleaded to ship easier tools like minisign by default to help people move.

And then came the mic drop: “gpg protected Snowden,” a reminder that, flawed or not, this relic has history. Meanwhile, a side-quest argument erupted over a broken link, because of course it did. Verdict: crypto Twitter meets family Thanksgiving—loud, messy, and oddly entertaining.

Key Points

  • The article argues PGP (including OpenPGP/GnuPG) is outdated, with long-standing issues left unresolved by modern cryptographers.
  • PGP’s packet-based format is highly complex, with multiple length encodings and overlapping packet types, contributing to parsing problems.
  • A keyserver-related incident occurred when GnuPG's parsing time became quadratic in key size, a consequence of the complex packet and key formats.
  • The critique highlights legacy defaults: 2048-bit RSA, CAST5 in CFB mode, OpenPGP MDC, and S2K KDF for passwords.
  • Modern best practices cited include authenticated encryption, avoiding 64-bit block ciphers and compression+encryption, preferring modern public-key options, and using time- and memory-hard KDFs.
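The packet-format point above, as an added example that is not code from the article or from GnuPG: a decoder for OpenPGP packet headers following RFC 4880 section 4.2, plus a helper that lists every definite-length header that frames the same tag and body length (the function names, field names and sample bytes are this example's own).

```python
# Added example (not from the article or GnuPG): decode OpenPGP packet headers per
# RFC 4880 section 4.2. Old format 10TTTTLL: 4-bit tag, 2-bit length-type (1/2/4 octets or
# indeterminate). New format 11TTTTTT: 6-bit tag, then a 1-, 2-, 5-octet or partial-body length.

def parse_packet_header(data: bytes, off: int = 0) -> dict:
    """Decode the header at `off`. length is None for the indeterminate case and
    only the first chunk for a partial body length (encoding == 'partial')."""
    if off >= len(data) or not data[off] & 0x80:
        raise ValueError("not an OpenPGP packet header")
    b, body = data[off], data[off + 1:]
    if b & 0x40:                                    # new-format header
        tag = b & 0x3F
        if not body:
            raise ValueError("truncated length field")
        b0 = body[0]
        n = 1 if b0 < 192 else 2 if b0 < 224 else 5 if b0 == 255 else 1   # length octets
        if len(body) < n:
            raise ValueError("truncated length field")
        if b0 < 192:
            length, enc = b0, "one-octet"                                  # 0..191
        elif b0 < 224:
            length, enc = ((b0 - 192) << 8) + body[1] + 192, "two-octet"   # 192..8383
        elif b0 == 255:
            length, enc = int.from_bytes(body[1:5], "big"), "five-octet"   # any 32-bit size
        else:
            length, enc = 1 << (b0 & 0x1F), "partial"                      # 224..254: first chunk
        return dict(format="new", tag=tag, length=length, header_len=1 + n, encoding=enc)
    tag, ltype = (b >> 2) & 0x0F, b & 0x03         # old-format header
    if ltype == 3:                                  # length runs to the end of the input
        return dict(format="old", tag=tag, length=None, header_len=1, encoding="indeterminate")
    n = 1 << ltype                                  # 1, 2 or 4 length octets
    if len(body) < n:
        raise ValueError("truncated length field")
    return dict(format="old", tag=tag, length=int.from_bytes(body[:n], "big"),
                header_len=1 + n, encoding=f"old-{n}-octet")

def alternative_headers(tag: int, length: int) -> list:
    """Every definite-length header framing the same tag and body length; a
    conforming parser must accept all of them, which is part of the complexity."""
    alts = [bytes([0xC0 | tag, 255]) + length.to_bytes(4, "big")]       # new, five-octet
    if length < 192:
        alts.append(bytes([0xC0 | tag, length]))                        # new, one-octet
    elif length <= 8383:
        v = length - 192
        alts.append(bytes([0xC0 | tag, 192 + (v >> 8), v & 0xFF]))      # new, two-octet
    if tag < 16:                                                        # old format: 4-bit tag only
        for ltype, n in ((0, 1), (1, 2), (2, 4)):
            if length < 1 << (8 * n):
                alts.append(bytes([0x80 | (tag << 2) | ltype]) + length.to_bytes(n, "big"))
    return alts
```

A 192-byte signature packet (tag 2) can be framed five different ways, all of which decode to the same tag and length; a parser that accepts only a canonical form would reject valid data, which is why implementations carry all of these paths.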

Hottest takes

"Probably resurfacing, because we have some new attacks thanks to CCC." — shakna
"This is precisely what makes GPG so powerful" — felipelalli
"gpg protected Snowden" — bgwalter
Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.