This was posted on the SR forums and talks about how several pieces of PGP software are not very secure. He specifically mentions that Kleopatra/GPA and Portable PGP (or any Java PGP) are weak. He mentions the best piece of software to use is gpg4usb. You can get it here:
http://gpg4usb.cpunk.de/index.html.
I switched to using this and I like it a lot. It's actually very easy to use (definitely easier than Kleopatra) and doesn't have to be installed. I should note that this software generates keys properly, so it may take longer. It uses noise from I/O for generating random numbers, so doing stuff while the key is being generated will speed it up.
Here's the full article posted at SR:
https://silkroad5v7dywlc.onion/index.php?topic=1760.0
PS: use a 4096-bit key. That should be secure from the NSA until 2040-2050.
PSS: it might be a good idea to sticky this for a little while. I've noticed many vendors using bad PGP software and keys that are only 1024-bit. All vendors should be using AT LEAST a 2048-bit key, but 4096-bit would be best.
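An added example, not part of the original post or of any project it mentions: a way to check the RSA modulus size of a binary (de-armored) OpenPGP public key against the 2048/4096-bit advice above. The function names, the verdict labels and the sample packets are assumptions made for illustration; the sample keys are constructed in the code and are not real keys.

```python
import struct

RSA_ALGOS = {1, 2, 3}   # RSA: encrypt+sign, encrypt-only, sign-only
KEY_TAGS = {6, 14}      # public-key and public-subkey packets

def mpi(n):  # OpenPGP MPI: 2-byte bit count, then big-endian magnitude
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def constructed_key_packet(bits):
    """Constructed sample: v4 RSA public-key packet with a fake modulus (not a usable key)."""
    body = b"\x04" + struct.pack(">I", 0) + b"\x01" + mpi((1 << (bits - 1)) | 1) + mpi(65537)
    return b"\x99" + struct.pack(">H", len(body)) + body  # old-format header, tag 6

def packets(data):
    """Yield (tag, body) for each packet in a binary (de-armored) OpenPGP stream."""
    i = 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:  # new-format header
            tag, first = hdr & 0x3F, data[i + 1]
            if first < 192:
                start, n = i + 2, first
            elif first < 224:
                start, n = i + 3, ((first - 192) << 8) + data[i + 2] + 192
            elif first == 255:
                start, n = i + 6, int.from_bytes(data[i + 2:i + 6], "big")
            else:
                raise ValueError("partial body lengths not handled")
        else:  # old-format header
            tag, size = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
            if size == 8:
                raise ValueError("indeterminate length not handled")
            start, n = i + 1 + size, int.from_bytes(data[i + 1:i + 1 + size], "big")
        yield tag, data[start:start + n]
        i = start + n

def rsa_key_report(data):
    """Return [(modulus_bits, verdict)] using the post's 2048/4096-bit thresholds."""
    report = []
    for tag, body in packets(data):
        if tag in KEY_TAGS and len(body) >= 8 and body[0] == 4 and body[5] in RSA_ALGOS:
            bits = struct.unpack(">H", body[6:8])[0]
            verdict = "too small" if bits < 2048 else "minimum" if bits < 4096 else "recommended"
            report.append((bits, verdict))
    return report

if __name__ == "__main__":
    print(rsa_key_report(constructed_key_packet(1024) + constructed_key_packet(4096)))
```

Subkeys are reported too, so a 4096-bit primary key with a smaller encryption subkey shows up as two entries.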
The article link is down for me. Please explain what exactly is not secure?