Hi, I think this is my first post to this list, but I've been a lurker for a bit.
This campaign looks pretty awesome. I tweeted the video and it's getting some pickup: https://twitter.com/micahflee/status/411569314097934336 I hope you don't mind a bit of feedback. On 12/13/2013 10:57 AM, Werner Koch wrote: > I was somehow able to convice Sam not to install Wordpress like blogging > software right now. Which also means that for comments you need to > resort to gnupg-users ;-). One way that I think the blog could be improved is by providing permalinks for the individual posts. I actually wanted to tweet the "Preparing for launch" post, but the only URL I could tweet is http://blog.gnupg.org/, so I decided to post the YouTube URL instead. Looking back through this list archives it appears that this fundraising campaign actually has a "matching grant", to use non-profit development language? Each donation is doubled? If so, that can be a major selling point for getting donations this "giving season". Each year for 3 years now EFF has had a wildly successful video game-themed "Power Up Your Donation" campaign that's based on matching grants, and it's currently going on for the next couple days: https://supporters.eff.org/donate/power-up-2013 In the video you say that GPG is used by the government, hackers, and billion dollar companies. I think when promoting GPG it's good to include in that list activists, journalists, whistleblowers, and ordinary people that care about privacy. I think you can brag about widespread use amongst this same set of people: https://www.torproject.org/about/torusers.html.en In fact, organizations like Tactical Technology Collective do GPG trainings for activists all the time, and Edward Snowden insisted on Glenn Greenwald using GPG before they wrote any emails of substance. The use of GPG amongst journalists has blown up in the last 6 months now that everyone knows they're being spied on. Finally, if you're raising money to rebuild the website, could you add HTTPS to your to do list? Using HTTPS, making HTTP redirect to HTTPS, using the HSTS header, using perfect forward secrecy ciphersuites, and all those other best practices? I'm well aware of the drawbacks of CAs and centralized trust, but I don't think that's a very good reason to not protect privacy of website visitors by default. -- Micah Lee
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users