Secure Email?
You may or may not be aware that email is sent in clear text. This means that anyone watching your network, or anyone with access to any of the servers between sender and receiver can read emails you send and receive at their leisure. You don’t need to be any kind of h4x0r. It’s easy, and anybody can do it. So if you ever thought email was a secure way to pass information back and forth, I’m afraid you are mistaken. I would suggest you assume that someone, somewhere is going to read your email. So what do you do if you need to send email securely?Well, there’s lots of options, but I’m going to talk about one specific product I’ve started using recently. PGP(Pretty Good Privacy) is a program that provides cryptographic privacy and authentication, and has been around since ’91. Nothing new there. MOST of you should already know that. Since we use Google Apps at work, I’ve been looking for something that will help me easily encrypt emails through GMail. Enter FireGPG. You will need GnuGPG installed first, not a problem since I already do, and then it gives you a simple Crypt/DeCrypt/Sign buttons inside your Gmail interface. Here’s a screenshot:
How simple can you get? Create/Manage your keys through GnuGPG, but once that parts done this is SOO easy, and that parts not too hard either.
So if you need to send me an email, and you don’t want prying eyes to take a peek, follow the link on the side of my blog to my public key. The rest is up to you.
There are 3 Comments to "Secure Email?"
Nice article! Thanks for the information!
PGP is one of the most effective steps you can take toward securing your email… but there are others. Depending on how paranoid you are, consider that PGP encrypts the message but not the envelope. A watcher can still see who you are talking to if not what you are saying. That can be fixed by using a secure email server that encrypts the message with TLS coming and going. It should also provide another layer of encryption while the message is stored on the server. Of course, the weakest link is probably your PC – particularly if you are running Windows.
Much more information, including a comparison of secure email services is at http://www.novo-ordo.com.
I’m not sure if you receive notifications for new comments or if you’ll see this comment, but I had a question. If you’re connected to Gmail through ssl (https), can anybody really ready your emails other than Google?