
Doug Tygar, author of Why Johnny Can't Encrypt, has died - sbuccini
https://eecs.berkeley.edu/news
======
joshAg
[https://www.ischool.berkeley.edu/news/doug-tygar-
tributes](https://www.ischool.berkeley.edu/news/doug-tygar-tributes)

------
euid
Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0 -
[https://people.eecs.berkeley.edu/~tygar/papers/Why_Johnny_Ca...](https://people.eecs.berkeley.edu/~tygar/papers/Why_Johnny_Cant_Encrypt/OReilly.pdf)

~~~
dane-pgp
As an indication of the effect that the original 1999 paper has had on
security research, and its legacy, let me also mention the paper "Why Johnny
Still Can’t Encrypt" [1] from 2006, and the paper "Why Johnny Still, Still
Can't Encrypt" [2] from 2015.

Perhaps in a few more years Johnny will finally be able to encrypt using email
software that supports the emerging Autocrypt standard. [3]

[1] [http://cups.cs.cmu.edu/soups/2006/posters/sheng-
poster_abstr...](http://cups.cs.cmu.edu/soups/2006/posters/sheng-
poster_abstract.pdf)

[2] [https://arxiv.org/abs/1510.08555](https://arxiv.org/abs/1510.08555)

[3] [https://autocrypt.org/](https://autocrypt.org/)

~~~
tialaramex
Mmm.

Repeatedly what makes a big difference has been ambient availability.
Something is "just there" and you rely on it without even thinking about it -
the way we mostly take clean water for granted in in the industrialised world.

I believe this was important for DSL and similar technologies often labelled
"broadband" Internet service. Having 5Mbps rather than 50kbps seems important
but what I'm confident really mattered was that the former was Always On, you
didn't have to "go online" to check email or do a search or watch a video any
more, and that changes how you think about everything.

For encrypted messaging that's delivered by systems like Whatsapp (and of
course Signal) because everything is always encrypted all the time. It is not
delivered when you need to explicitly "turn on" encryption, no real users will
do that for routine conversations.

It makes a huge difference in transit too, transit engineers call it "metro
service" \- once you schedule at high enough frequency users change how they
use the service. If there's one train a day people need to plan "OK, the train
is at 11:23 so I need to be at the station a few minutes before that". When
there's one bus a minute (some London peak bus routes) that never occurs to
the passenger at all. They just catch a bus when they need one, because
obviously there will be a bus, there is always a bus.

In many countries 4G wireless Internet has this sort of "ambient availability"
outdoors in populated areas, but not so much in the wilderness or indoors.

EduRoam (and to a lesser extent GovRoam) do this for WiFi. The experience is
that whether you're at your university or some foreign university maybe for a
conference, WiFi just works the same everywhere magically.

Autocrypt seems to have some thoughts towards ambient availability but it's a
long way from here. I wish you luck but if you can't reach that point it's
probably not going to make a significant difference.

------
glangdale
That's very sad and AFAIK startling - he was still relatively young. I
remember him being very friendly as a faculty member at CMU, as well as being
whip-smart.

It is interesting that "Why Johnny Can't Encrypt" is the paper that appears in
his obit link. This was coauthored with his student Alma Whitten (who later
went on to the thankless task of being the main flak-catcher for Google on
privacy issues, including what looked like some uncomfortable grillings on
Capitol Hill).

~~~
kick
According to a comment on the thread in /r/berkeley from a man claiming to be
a former roommate, he was born in 1962. Getting up there in years, but either
way it's a shame.

