The OpenPGP protocol allowed for the emergence of a standardized competitive environment and PGP solutions are now provided by multiple companies and organizations. Still, all PGP programs that comply with the OpenPGP standards are compatible with each other. This means that files and keys generated in one program may be used in another without problems.
Regarding the disadvantages, PGP systems are not that simple to use and understand, especially for users with little technical knowledge. Also, the long length of the public keys is deemed by many as quite inconvenient.
In 2018, a major vulnerability called EFAIL was published by the Electronic Frontier Foundation (EFF). EFAIL made it possible for attackers to exploit active HTML content in encrypted emails to gain access to the plaintext versions of messages.
However, some of the concerns described by EFAIL were already known by the PGP community since the late 1990s and, in fact, the vulnerabilities are related to the different implementations on the part of email clients, and not with PGP itself. So despite the alarming and misleading headlines, PGP is not broken and continues to be highly secure.
Since its development in 1991, PGP has been an essential tool for data protection and is now used in a wide range of applications, providing privacy, security, and authentication for several communication systems and digital service providers.
While the 2018 discovery of the EFAIL flaw raised significant concerns about the protocol's viability, the core technology is still regarded as robust and cryptographically sound. It is worth noting that different PGP implementations may present varying levels of security.