Open source is a well-defined term with a well-defined meaning. In fact, it was coined precisely because "Free Software" was considered to be too ambiguous.
Words have meaning. You can't just change the meaning of a well defined term to suite your views.
Not to turn this into a contest but Rust officially supports windows 7. In fact I believe Rust fully supported windows XP too until very recently when they decreased platform support to supported-but-unbuilt-and-untested.
Another benefit of a community-driven language as aposed to a corporate-controlled one.
I still have a hard time accepting this happened. Sovereignty doesn't seem to exist anymore: We have a single government, 10% privileged human beings that have some rights and say in what it does, and 90% who don't.
GP is rightfully pointing out that political discourse is far often centered on identity politics to the exclusion of more important topics such as human rights.
No one is saying that one precludes the other except you.
Which will encourage courts to render these "agreements" invalid. I think there was a study that showed that it would take the average user 40 man-years to read and understand each software or serive legal agreements they "agree" to.
Software legal agreements are a farce, and it's only a matter of time before governments step in and regulate the shit out of it.
People in this industry use OpenPGP because it's flexible and amendable to almost any usecase you can think of. "Better solutions" are usually indeed better but are also so specialized for their purpose to the point that they can't be easily used for any other purpose.
OpenPGP is used to secure everything from simple messages and email to authenticating OS updates for most servers today.
Should they use something more specialized now that it exists? Sure, but that an argument for PGP not against it; PGP is useful in situations where no specialized solutions exist or are inadequate.
Until something comes along that can cover every situation where OpenPGP is useful, I can't see people stop using it (much to the dismay of the 5 vocal crptologists that keep arguing against it).
The specs are really good for the price and clean design is aesthetically pleasing, but I won't be able to enjoy it knowing that facebook is behind it.
It doesn't even have to be the US government itself doing this; US companies are becoming large and strong enough to do as they please without regard to what lesser organizations and even countries have to say.
Perhaps governments around the world should do what the US did (and still does) to foreign companies before its too late.
> You access the the developer's webpage (via a browser and https) and read the installation instructions. They tell you to curl in (over https) some pgp key and some (https) endpoints for finding and downloading the package.
> The PGP part of this can be replaced with NOPs and this is no less secure.
That's one of most absurd hyperbolic assertion I've had the misfortune to come across in the whole PGP debate so far. You're clearly not acquainted well-enough with how PGP is being used by linux distributions. That, or you're simply debating this subject in bad faith. Assuming the former: HTTPS is only relied upon to bootstrap keys, like pretty much every other PGP replacement you're willing to advocate for.
I know this may be painful to read for someone working on a PGP competitor, but PGP
* is a standard,
* is successful,
* is widely adopted, and
* will likely remain so for the foreseeable future.
The op and the myriad of new PGP libraries and applications that keep popping up stand testament to this. You'd probably do better to reflect on this fact than to argue and downvote a green account on an old hn thread.
This discussion was about your false assertion that PGP "has virtually no adoption".
If you want to change our discussion to be about replacing PGP instead, then I completely agree that people should replace PGP with modern properly-standardized alternatives if such exist.