
Donations received in 2016: 8506€ - hkt
https://gnupg.org/donate/index.html
======
mgiannopoulos
Facebook and Stripe pledged to support the project but apparently(?) forgot
that after 31/Dec/2015 a new year comes in...

>> Facebook and Stripe are each going to sponsor GNU Privacy Guard (GnuPG)
development with commitments of $50,000 per year to help sustain the important
work of this open source security project.<<
[https://www.facebook.com/notes/protect-the-
graph/supporting-...](https://www.facebook.com/notes/protect-the-
graph/supporting-gnu-privacy-guard/1564591893780956)

Edit: The official blog confirms that Facebook promised to continue supporting
the project

>> Lastly, let us confirm that we were meanwhile able to clarify our perceived
problem with the Facebook donation promise. This was all due to an unfortunate
misunderstanding between us. Facebook will keep on supporting GnuPG in 2016
with a donation of 50000 USD.<< [https://gnupg.org/blog/20160519-gnupg-
in-2016.html](https://gnupg.org/blog/20160519-gnupg-in-2016.html)

~~~
nicky0
It's possible this form only shows the amount of money donated using the form
itself. Facebook's donation may well have been handled via a different
channel.

------
stanmancan
Anecdotally, donation based "support" systems seem to be quite broken from
what I've experienced. I created a free API about 5 years ago
([https://macvendors.com](https://macvendors.com)) and have a "Donate to
Support" blurb on the site. It's been up for 5 years, gets 200K-250K unique
visits to the site per month, and the API is currently handling around 300
million requests a month. Donations? I think I've received 6 over the last 5
years totalling ~$65.

~~~
JoeAltmaier
I'm thinking its like SEO - where is the donate button? How is it presented?
Lots of a/b testing could be done to improve the odds.

~~~
GFischer
Also, an explanation of expenses, how the money will help, etcetera.

I don't have much money to donate but I've seen some very compelling donation
requests which wanted me to really start donating.

Patreon has also sounded very compelling to me.

------
jventura
Given the title, I'm assuming that the amount of money received is on the
short side..

So, what should be a good amount for this project? Or in a more general tone,
what should be a good amount of donations for any open-source project? Enough
to support the lead maintainer's life style, server costs, etc?

~~~
otoburb
The GnuPG's 2015 financial summary (balance sheet and P&L statement)[1]
indicates that the author is paying himself an annual regular salary of 47,400
EUR which includes mandatory social insurance, plus some subsidized rent for
(only) 2681 EUR. Note that in 2015 GnuPG also had 3 fulltime programmers on
payroll for around 160K EUR.

The key quote is at the bottom: "Along with the paid projects we are currently
working on, the two large donations that we are expecting (from Facebook and
Stripe), the Linux Foundation grant, and a small stream of individual
donations, g10code will be able to operate with its current staff until the
end of 2017. _Obviously, we need a longer term plan._ " (emphasis added)

[1] [https://gnupg.org/blog/20160421-financial-
results-2015.html](https://gnupg.org/blog/20160421-financial-
results-2015.html)

------
hkt
Highlighting this because it still confounds me that projects like this
receive no support. I'd be unsurprised if this wasn't the only project in a
parlous state. What is all the more baffling is the lack of support from the
FSF, EFF, etc.

It also baffles me that the Core Infrastructure Initiative isn't involved in
GPG (to my knowledge) considering we have more or less no other way of signing
software releases that is commonly used.

Projects like this need more love than they get. How can the community -
rather than wealthy beneficiaries - ensure this sort of thing gets enough
funding? Open question, because I don't know.

~~~
dublinben
The FSF has a list of community-nominated High Priority Projects, but GNUpg
isn't among them.[0] They have their own struggle to raise money each year, so
it's hard for them to support every worthy project.

[0] [http://www.fsf.org/campaigns/priority-
projects/](http://www.fsf.org/campaigns/priority-projects/)

------
koolba
Someone should make a startup that puts cash collection boxes, targeting open
source projects like this, in areas trafficked by technologists. I don't like
handing out payment information (if it can be avoided), but would happily slip
$20 cash into an anonymous box. Maybe have a number of fixed locations and
rotate the projects that a days "cut" goes to.

If the Salvation Army can have a guy in a Santa suit outside Walmart, why
can't we have someone on a corner in SoMa? (A Santa length beard might give
more "street cred" too!)

~~~
divbit
Not giving out payment information seems like a problem that putting a bitcoin
address on your project website could maybe solve.

~~~
tashbarg
I assume someone uncomfortable with giving out payment information would be at
least as suspicious with bitcoins persistent and public ledger.

Bitcoin is far from anonymous. In fact, all is out in the open but you can
"invent" new names for yourself all the time. It's therefore pseudonymous by
nature but the openly accessible and analyzable flow of bitcoins makes even
only reasonable anonymity very hard to achieve.

~~~
divbit
There are reasonably easy ways around this though - for example, keep your
coins in monero, and send to the bitcoin payment address via a service such as
xmr.to . (I'm sure that there are other ways, but that's just the one I'm most
familiar with - in fact one may even be able to find some software which does
this conversion automatically for you via the xmr.to api).

~~~
tashbarg
Simplified, you pay someone (in another, probably more anonymous currency) to
pay the recipient in the less anonymous currency.

A less technical way would be paying someone in cash to do it.

~~~
koolba
> Simplified, you pay someone (in another, probably more anonymous currency)
> to pay the recipient in the less anonymous currency.

I'm pretty sure this is the definition of money laundering.

~~~
tashbarg
I think so, too. That's why I wrote it down simplified.

~~~
divbit
Monero in fact has 'view' keys so you can report, and prove, the transaction /
donation to relevant authorities, without revealing your private key, and
without making your transaction history visible to the general public.

------
mi100hael
Tangentially related, but does anyone know who is behind GPGTools for Mac
([https://gpgtools.org/](https://gpgtools.org/))? Seems like they're a
distinct entity from GnuPG despite the naming similarities (infringement?). I
don't see any information on their website regarding who or what org is
backing the development and maintaining the project.

~~~
nezza-_-
You can find who is committing code etc on their Github projects:
[https://github.com/GPGTools](https://github.com/GPGTools)

And the GPGTools website is registered to Lukas Pitschl:
[https://twitter.com/lukele](https://twitter.com/lukele)

They are not really hiding anything I think. Also GPGTools uses GnuPG etcpp..
Don't really see an infringement (if GPG is protected in the first place)

------
otoburb
In February 2015 donations GnuPG raised funds in a short period of time due to
some well-deserved publicity, but the runway is probably close to running
out.[1]

[1] [https://gnupg.org/blog/20150310-gnupg-in-
february.html](https://gnupg.org/blog/20150310-gnupg-in-february.html)

