When I had it: PGP Gave away my e-mail address

I paid several hundred euros to PGP over the past few years. Almost every upgrade was a problem. Both their software updates and operating system upgrades caused things not to work. Can you imagine? Under OS X 10.4, you’re using PGP 9.5 and when it updates to 9.6, you can no longer mount your PGP disks? PGP Corporation goes to great lengths to explain why they can’t be held responsible for our agonies. I tried quite hard to understand them but I can no longer sympathize with their position. I think there is a fundamental problem with this company. Funny enough, I lost my temper with PGP not because of all the hassle of updating or upgrading, but after an e-mail I received from PGPC. This bastion of secure communications sent me an e-mail notification for PGP Desktop 9.7. So? Well, my name was among 30 or so e-mails in the CC line. That was then when I decided PGP can’t be trusted for my security. If they can’t be careful enough not to distribute our e-mail addresses to unrelated audiences, how can we trust them for the security of our data?
You’ve got mail!


1 Response to “When I had it: PGP Gave away my e-mail address”

  1. 1 Roberto Franceschetti November 12, 2007 at 9:04 pm

    This was just too much. I received a similar email, also with about 26 email addresses in plain view (different than yours, so there were multiple emails sent). Amazing. And think that it was sent by John Dasher himself, “Director, Product Management” of Pretty Good Privacy dot com….


    I just posted a comment with this info at http://forums.pgpsupport.com/viewtopic.php?p=38090#38090 Let’s see if they are going to admit to their mistake and apologize or if they are going to try to censure the posting.

    For the record, the posting stated:

    PostPosted: Mon Nov 12, 2007 3:57 pm Post subject: PGP’s Email notification disclosed recipients

    I just received an email notification from pgp.com to notify me of the availability of the new beta.

    Unfortunately however, this email was sent in a very, very unprofessional way, as all of the recipients in the email were specified in the “TO” headers, and were thus visible to everyone else. I was thus able to see all the other users to whom the email was sent, just like everyone else was able to see mine, blatantly violating our privacy.

    Considering that this email came from Pretty Good Privacy dot com, in the name of John Dasher (Director of PGP Product Management), the error is much more serious than the one a secretary in small company could have made.

    Needless to say this was very disappointing, and was the icing on the cake for the other fiasco in not having a Leopard-compatible version of PGP ready.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: