GPG Suite Beta 6

In the 6th beta of GPG Suite we've updated gnupg to version 2.0.27 and fixed some minor bugs.
The workaround first released in Beta 5 for smart card support under Yosemite seems to be working quite well and we haven't heard of any new problems.

We encourage all of our users to install this release.
GPG Suite Beta 6 runs on OS X 10.6 and newer.

Please report any issues you find on our support platform. GPG Suite Beta 6 Supports OS X 10.6 and newer
Download GPG Signature (to verify the signature, please download and import our updated key)
SHA-1: 6621fc1da5211650b6ef4aa959fdd385a6a5a6d5

An open letter about our future

Dear all...

TL;DR: We thought long and hard about how we could realize our vision for GPG Suite in the long run. Our answer is to introduce a small fee to pay for GPGMail starting with GPGMail for Yosemite. A free beta version will be available in 2-3 weeks (possibly earlier).

The longer story: About five years ago we started working on GPG Suite. It started out as a very chaotic process, but became much more organized and focused over the years. We grew together as a team and learned a lot from our mistakes, which was also necessary as our user base had grown immensely. Since we slowly realized GPG Suite was becoming the best OpenPGP solution for Mac, we wanted to work on it and present it as professionally as it deserved. In consequence we also wanted to provide helping material for new users to get started and spend a lot of time on our support platform to help everyone out, who was stuck.

With our growing user base, the time necessary to run this project professionally increased quickly and constantly and today two things are abundantly clear:

  • We would love to transform GPG Suite into a sustainable business for many years to come, so we don't have to compromise on the time we'll be able to invest and the quality of the product.
  • Our current donation based system is not a viable option if we want to achieve that goal.

You can’t imagine how thankful we are to you, our donors: We couldn’t have come so far without your support. Thank you so much for that!

To plan and execute our future ideas it’s necessary however, to know that we’ll be able to sustain our development and support costs. We’ve considered a variety of options (including crowdfunding) and came to the point that those were short time solutions and we need a long time solution to do the best work we can as we simply don’t want to compromise on the quality of our tools or support service due to a lack of time again. That wouldn’t help anyone.

That’s why we decided that we’ll introduce a small fee to pay for GPGMail, starting with the release of GPGMail for Yosemite.

We realize that some of you might not be happy with this decision, but we strongly believe that this direction will lead to the best outcome for our current and future users. We’re not sure what GPGMail will cost yet, but we are sure that it’s gonna be a fair amount.

Our goal is focusing first and foremost on reliability and usability. In addition we want to provide you with bug fixes and new releases faster, find your problems and solve them, prepare beta builds for OS X Developer Previews, shortly after they are available and meet the deadline of major OS X releases reliably. If you keep believing in us, we can make that happen.

We think it’s worth it and we hope you will do, too.

We’ll be happy to hear your thoughts and opinions on our support platform or via Twitter.

With love,
your GPGTools team

Questions & Answers

When will GPGMail for Yosemite be ready?
The first beta of GPGMail for Yosemite is available now! The stable release will be ready at the end of November.

Will you charge us for the GPGMail beta for Yosemite?
No, the beta will be free for anyone wanting to participate in our beta test, however it will be time limited and deactivate itself, once the final version is released.

OK, you'll charge for GPGMail, but what about the other apps included in GPG Suite?
GPG Keychain, GPG Services and GPG Preferences as well as MacGPG2 will remain free.

Bummer, a friend of mine just recommended GPGMail to me and I was really looking forward to trying it out.
You absolutely still can and we really hope you do! It's very dear to our heart that your messages are secure. GPGMail will include a trial period where you'll have enough time to find out whether you think it's worth it or not.

What is the amount we'll have to pay for GPGMail?
We have yet to set a price, but it will be fair. There will be different prices for personal use and professionals/companies. In addition, we plan on introducing a high priority support option for immediate assistance.

I've donated many times in previous years and now I will have to pay again? What gives?
We completely understand your sentiment and the last thing we want to do is to anger our fantastic donors! To re-emphasize on what was already said in our letter: we couldn't have come so far without you. Your support will definitely be rewarded, but we have yet to figure out the details.

I've just recently sent you a donation and now I will have to pay again? What gives?
Your support will definitely be rewarded, but we have yet to figure out the details.

Will I pay once and receive every future update for free?
Unfortunately not. In addition to the time necessary to add new features and fix bugs, a lot of time has to be spend on finding out what changes the next OS X version brings and then adapt GPGMail to those changes. So the short answer is, you'll have to pay a small upgrade fee for updates for major OS X releases. Should you decide however, to remain on your current version of OS X, you'll not have to pay anything to keep using GPGMail.

Does this mean GPGMail will no longer be open source?
We really believe in the idea of open source and the advantages it has over closed source. That's why we'll keep the source code of GPGMail open.

So then, couldn't i simply compile GPGMail myself and distribute it to everyone for free?
Since our code is licensed under the General Public License (GPL), which explicitly allows the re-distribution of GPL licensed code and binaries, that would be possible. We still hope you don't. One of the reasons is, that problems which might result from using your version, would end up in discussions opened on our support platform. That would create even more work for us, which means less time to actually work on future versions. If in consequence less copies of GPGMail were sold, we'd be back where we are right now, with even less time on our hands, which would ultimately slow down progress tremendously.

I found a free version of GPGMail on a different site. Why shouldn't I install that one instead?
We generally believe that, especially when it comes to security-related software, it's not a good idea to download and install it from an untrusted source. Since we don't know what your version of GPGMail includes, we could also not help you out with problems.

Read the whole story

GPG Suite

Everything you need to get started with
secure communication and encrypting files
in one simple package.

Use GPG Suite to encrypt, decrypt, sign and verify files or messages. Manage your GPG Keychain with a few simple clicks and experience the full power of GPG easier than ever before.

For OS X 10.10 Yosemite

Compatible back to OS X 10.6

Download GPG Suite
  • GPG for Mail

    is an open source plugin for Apple Mail. Encrypt, decrypt, sign and verify mails using OpenPGP with a few simple clicks.

  • GPG Keychain

    is an open source application for Mac OS X. It allows you to manage your OpenPGP keys. Create and modify your keys and import the keys of your friends from a key server.

  • GPG Services

    is a plugin that brings GPG power to almost any application.
    It allows you to encrypt/decrypt, sign/verify and import keys from text selections, files, folders and much more.

  • MacGPG

    is the underlying power engine of our GPG Suite. If you're familiar with the command line use the raw power of it.
    Based on gnupg 2.0.26.

SHA-1: 6621fc1da5211650b6ef4aa959fdd385a6a5a6d5

Download GPG Signature

  • It's all about the keys

    To use GPG to encrypt and verify mails or files you and your friends need GPG keys.

    GPG Keychain Access let's you manage your own keys and find and import keys of your friends.

  • Create your own key

    Enter your name and the email address you want to use your key with and you are ready to go.

    You don't have to bother with more advanced settings, we set good defaults for you.

  • Upload your key to a key server so your friends can find it

    When creating a key, you have the option to upload it to a key server, which makes it very easy for your friends to find and import it.

  • Already an expert?

    When creating a key, you can enable the advanced view, which let's you choose key size, expiration date and algorithm to use for your keys. Have full control over your keys.

  • See all your keys

    The main window of GPG Keychain Access shows you all your keys and the keys of your friends.

    Enable the "Show secret keys only" checkbox, to see only the keys you created.

  • The toolbar

    gives you quick access to the most important actions. Create a new key, import or export an existing key, or search for a specific key using the search field.

  • More options

    Select a key and right-click on it to bring up a context menu, letting you send your key to a key server, update or manage the details of your key.

  • Add additional email addresses

    Select your key and press the info button in the toolbar to add additional email addresses.

  • Write secure messages with Mail

    After installing GPG Suite, you'll see two new buttons when writing a new email: the lock button and the sign button next to it.

  • The lock button

    Activate the lock button to encrypt an email. Only you and the recipient will be able to read the contents of your message. Toggle between encrypting and not encrypting your email pressing ⌥ ⌘ Y.

  • The sign button

    Activate the sign button to sign an email. The recipient will be able to tell, that the email came from you and whether or not it was tampered with in any way.

    Toggle between signing and not signing your email pressing ⌥ ⌘ X.

  • Choose between PGP and S/MIME

    Using the security method indicator in the upper right corner, you can quickly switch between PGP and S/MIME. This is very handy if you use both.

    Press ⌥ ⌘ P to activate PGP or ⌥ ⌘ S to activate S/MIME.

  • Receive secure messages with Mail

    The "Security:" header will tell you, if the message you've received was signed or encrypted.

    If the message was successfully decrypted, you'll see an open lock. If the signature of the message is valid, you'll see a star icon with a checkmark.

    Make sure to click "Details" to see the security header.

  • Signed messages

    will show the email address associated with your friend's key that was used to sign this message.

    Click on the signature icon to see more infos regarding the key and signature.

  • Encrypted or signed attachments

    If the message contains encrypted or signed attachments, they will be automatically decrypted and verified. The attachments will look like any other non-encrypted attachments to you, while still being protected.

  • Sometimes things go wrong

    It might happen that someone encrypted a mail for another recipient but mistakenly sent it to you and so you're not able to read it. Or a signed message you're receiving was modified without your knowledge. Or anything else could have gone wrong. In these cases we're trying to be as helpful as possible by providing good explanations of what happened.

  • Find out what went wrong

    Whenever we detect that something's not right, you'll see a banner with an error message, letting you know what the problem is.

    To get detailed information about a problem, click on "Show Details" which contains a better description of the problem and possible solutions to it.