Skip links

PGP Is Not Private

PGP doesn’t protect your privacy

Using PGP tells the world you’re encrypting your emails and how you’re doing it. PGP has a distinct signature that anyone looking at internet traffic can spot. It is child’s play to capture all the messages encrypted with PGP and analyze them. One essential part of online security is “security by obscurity”—keeping things hidden from view makes it harder to find them in the first place. PGP doesn’t do this and hasn’t ever done this.

PGP lets you and your messages be traced

Because PGP was built for email, PGP must keep everything about your message in plain text. This means as your email goes across the internet anyone can see:

  • Your identity (email address and name)
  • Who you’re sending your message to
  • The mail servers for both you and your contact
  • Where you and your contact are in the world (by looking through the servers the email passed through)
  • The subject of your email

When you send emails using PGP, you’re telling everyone everything about your conversation. The email might be encrypted, but does that matter if anyone can see who you’re emailing, where you both are, and what you’re talking about?

PGP can’t keep your secrets

Most PGP users keep the same private key for years. Eventually someone will find your private key, figure out the password, and start decrypting your past and future messages. Because PGP messages are so easily captured and collected, this is a real threat to anyone relying on PGP to protect their privacy, communications, or security.

Apps with PGP are vulnerable

Programmers have only a few ways to include PGP in apps. Time and time again, these programing libraries have been proven vulnerable to attack. The EFail vulnerability was bad enough the Electronic Frontier Foundation declared PGP unsafe until it was fixed. EFail attacks were completely targeted at how PGP was used in apps and exposed messages before they were encrypted.

PGP encryption is weak

PGP has limited and weaker encryption compared to modern encryption apps. SKY ECC uses 521 bit ECC to secure all messages and saved files—orders of magnitude more secure than what PGP can offer. PGP can’t come close to encrypting messages to that degree.

Privacy that isn’t good at all

When you use PGP, you have to accept:

  • Your privacy isn’t protected because everyone can see who your talking with
  • Your emails can easily be tracked, stored, and analyzed
  • Weaker encryption for your messages and no protection for your metadata
  • No protection for your network connection, device, or files
  • Limited features that have changed little since 1991

If you care about protecting your privacy, your communications, and your security, you can’t trust PGP. SKY ECC is the only solution to offer 521 bit ECC encryption for messages and files, encrypted metadata, and always-on network encryption. All installed on secure devices impervious to surveillance, malware, and hacking tools.