Very few people out there don’t want to protect their privacy. Security and privacy are, to many of us, as essential as free speech. The ability to communicate with other people with the assurance that other people aren’t listening in is a very comforting thing to have.
But on the internet, in general, you don’t have that ability. Anything sent without encryption is readable at any computer between you and your destination, and your average email may travel through four or more computers before reaching its eventual destination. At any of these computers, a person with the proper tools (which aren’t hard to have) can read the email. Further, unlike the mail many of us are used to, email doesn’t have to be opened, and so doesn’t show any signs of tampering.
For security, I use GPG (GNU Privacy Guard) to encrypt email. Anybody peeking in anywhere along the line on a message with a relatively short message (like “Hello, there!”) would see something along the lines of:
-----BEGIN PGP MESSAGE----- Version: GnuPG v1.4.7 (Darwin) hQEOA69XuxWtCkrmEAP9G9J9OB3SJH20zzVuAAWJPAYHOowoT57GjaZHEA3rinbD /UM/zW1PmnvG3c6Pd3mk8CMe6SttcqfKnO7lbmLg23mHgbD/zHlwQr//iq72dNtu ZdORS+E6f1RU+VGZAnYvUD8ZafCsGRfhDFzdMq9o+fZR1AvocipqhEZIdXTQMGkD /0MN2X/FlFPJqyCan+obdtQks61H4C5Zptv2zEPvFOnbye6BM7qca4cTKRJG8vMn 0LMuWOsnCw6XisWJWPJavV/2aQoeh3R/XgJaTwl5iGsSPoPb7EZhTKE07YZkhQS2 /hw2xQLcVfI7Bh87D41x/ayZxU9UfKs9pRYJ/OhmNfy10kgBLo7BKsQVRAxwcb7c LhlRiv0cj/y+FBHfcIXIzCm/b2fSgKUzRMYZq/BBxkD/Euwh4IWU/GLZYMH6gvC2 yc+uJijHqcUimD8= =7IWk -----END PGP MESSAGE-----
But when it reaches your mailbox, it will be decrypted, allowing you to read the plain message as it should be. When things go smoothly (which they always have for me), you never even see the gobbledegook that is the encrypted message.
GPG is free, so no worries about cost, and it’s relatively easy to install. First I’ll go through how to install GPG, and then how to get it working with your email. If you use an email client such as Thunderbird, MS Outlook, or Evolution, you’ll be fine. If you use Firefox with GMail, you’ll also be fine; but if you use another webmail service (e.g., hotmail) or another browser (e.g., IE), you might want to consider switching, even if only for the purpose of sending encrypted email.
Go to GPG for Windows and download their latest package. If you use Microsoft Outlook, install the GPGol module—if not, just install GnuPG and GPA, then read below.
Use your package manager (Synaptic on Ubuntu) to install the packages for GPG and GPA.
To create your key in GPA, choose “New” from the “Key” menu on the menu bar. Enter information as GPA requests it.
You will then want to export your key by highlighting it on the list and clicking the “Export” button. Keys may be imported by the “Import” button.
For OS X, take a look at using GnuPG encryption with Mail. If you’re planning on using Firefox and GMail for your email, stop reading after it has you import the author’s key.
Now it comes down to which mail client you use (click on the applicable one): Thunderbird, Mail (OS X), or Firefox and GMail, or Evolution.
As I couldn’t find an online program to set you up with encryption on Evolution, here’s a quick guide.
When sending an email in Evolution, click on the “Security” menu on the menu bar. Check “PGP Encrypt” and “PGP Sign”.
Now that you have everything set up, you’re going to want to spread your public key around. This is the key that people will use to send you encrypted email. LiveJournal allows you to add a GPG key to your LiveJournal account; the key will then be accessible by clicking the key icon next to your name on your profile page. My key is accessible from my website at http://fearchar.net/pubkey.asc.
If you want to find other people’s keys, you can search on sites like MIT’s Public Key Server.
Thanks go out to Petter Häggholm for his constructive criticism, and to viewers like you.
If this hasn’t been as helpful as you hoped, please email me.