Do you remember sending mail through the Postal Service? You were reasonably certain that no one working there was going to open it and read it. Email is nothing like this. Not only are services like Gmail (and Google as a whole) reading your emails for advertising, the servers they store email on can be hacked. If you want to have secure email you are going to have to learn how to use encrypted email accounts.
Not only are these services leaking your email, so are agencies such as the NASA and GCHQ. Even those with nothing to hide have something to hide. Maybe you have banking details in your email that should remain private. Maybe you have a note from your doctor that should be private. Either way, you deserve secure email which uses encryption, and we will look at it now.
Secure email and encrypted email accounts
Encryption is your friend when it comes to online privacy in all of its forms. Your first step when you want more online privacy is to invest in a VPN.
Not only will this encrypt your email as it is being transported, thwarting man in the middle attacks, but it will encrypt every single thing that you do online. You will be hidden from casual spying, hackers, and your own ISP. Have a VPN ready, and then get secure email.
Download GNU Privacy Guard
First, you are going to need a way to send secure email. That is what GNU Privacy Guard is for. There are three different places that you can download GNU Privacy Guard:
Simply downloading it doesn’t mean you are getting your secure email, your email is not encrypted yet. Here’s a silly explanation of how PGP, and GNUpg, works before we get too far into this:
Secure email: you need a plug-in for your email client
If you don’t already, you need to be using either Microsoft Outlook, Mozilla Thunderbird, or Apple Mail email clients. You are going to configure GNU Privacy Guard through them:
- Microsoft Outlook: The plug-in that you need for this is called GpgOL. It comes with your download of GNU Privacy Guard for Windows.
- Mozilla Thunderbird: The plug-in that will integrate here is known as Enigmail. While you need it for Thunderbird, it will actually work for all others.
- Apple Mail: You will get a GPG Suite download when you get the GNU Privacy Guard.
The easiest thing to do would be to get Enigmail. It works across all platforms, and you’ll be ready to install and use it on a different machine with no learning curve should you need to.
Secure email: Get your plugins and GNU Privacy Guard working
You have all of the software that you need now, what’s next is you just need to get it working. We will also look at generating your public and private keys, how to share your private key, and the encryption and decryption of email.
Since this is no easy task, I am going to share YouTube videos which will walk you through it. This is one of those instances where seeing is better than reading.
Configure GNU Privacy Guard for Mac
The team who built GPGTools actually built their own walk-through of how to set it up:
Straight from the horse’s mouth, it doesn’t get much better than that.
Configure GNU Privacy Guard for Windows
The team that put this together put a little bit more time into it then the video you’ll see above for Mac:
For those using Mozilla Thunderbird, follow everything up to step two and then install Enigmail instead. If you have problems, you will get screenshots of how it is done when you download the Enigmail plugin.
Configure GNU Privacy Guard for Linux
Linux users are a little bit special. How you will configure it is going to depend upon your distributor:
If you really want to get into it, and learn way more than you actually need to know, check out the GNU Privacy Handbook. It is huge, you have been warned.
Using encrypted email
Now that you have everything installed correctly and configured, let’s look at what you should be doing with all of this software:
- The strongest key size that you can select is 2048 bits.
- When you create your key pair you cannot edit it afterwards. Double and triple check to make sure that your name and email have been entered correctly.
- You need to enter a secure passphrase, not a password. The longer and more complex it is the better. You can also look into using a password management tool if need be. Or you can go analog and write it down on a piece of paper. Keep it in the most secure place you can think of. No, not under your keyboard.
- Use a site like Keybase to publish your public key. People can then look up your public key using your email or name.
- Alternatively, you can use Facebook to publish your key through your profile. This will make it easy to share with your friends there. It is not going to be the best place for your most secure of secure keys though.
Taking these steps will give you more secure email. There is no point in having encrypted email that isn’t as secure as possible.
Having encrypted email
I will admit that it can be difficult to configure all of the software properly. Once you have everything set up all you will have to do is push the ‘encrypt’ button, giving you instantly secure email.
Use this encrypted email when communicating with your:
Or anyone else who is going to get email from you that you would prefer be private. Government and ISP spying is real, and you can protect yourself easier than you think.