Do you remember sending mail through the Postal Service? You were reasonably certain that no one was going to open it and read it.
Email is nothing like this. Not only are services (like Gmail) reading your emails for advertising; the servers they are on can be hacked too. If you want to have a secure email, you are going to have to learn how to use encrypted email accounts.
Not only are these services leaking your email; so are agencies like NASA and GCHQ. Even those with nothing to hide have something to hide. Maybe you have banking details in your email that should remain private. Perhaps you have communication from your doctor that should be private. Either way, you deserve secure email which uses encryption, and we will look at it now.
Secure email and encrypted email accounts
Encryption is your friend when it comes to online privacy, in all of its forms. Your first step when you want more online privacy is to invest in a VPN. Not only will a VPN encrypt your email during sending; it will also encrypt every single thing that you do online. You will be hidden from casual spying, hackers, and even your own ISP. Have a VPN ready, and then get that secure email.
Secure email: download GNU Privacy Guard
First, you are going to need a way to send a secure email. That is what the GNU Privacy Guard—an encryption software program—is for. There are three different places that you can download the GNU Privacy Guard (GnuPG):
These are just ways of getting the program; your email is not yet encrypted.
Here’s a silly explanation of how PGP (Pretty Good Privacy, Symantec’s encryption program) and GnuPG (PGP’s free replacement program) work:
Secure email: you need a plug-in for your email client
If you don’t a ready email client, you need to use Microsoft Outlook, Mozilla Thunderbird, or Apple Mail. You are going to configure the GNU Privacy Guard through these clients:
- Microsoft Outlook: The plug-in that you need for this is called GpgOL. It comes with your download of GNU Privacy Guard for Windows.
- Mozilla Thunderbird: The plug-in that will integrate here is known as Enigmail. While you need it for Thunderbird, it will actually work for all email clients.
- Apple Mail: You will get a GPG Sweet download when you get the GNU Privacy Guard.
The easiest thing to do would be to get Enigmail. It works across all platforms, and you’ll be ready to install and use it on a different machine with zero learning curve.
Secure email: Get your plug-ins and GNU Privacy Guard working
You have all the software programs—GnuPG, email client, and the plug-in—that you need now. What’s next is you just need to get them working together. We will also look at generating public and private keys, how to share your private key, and the encryption and decryption of email.
Since these are no easy task, I am going to find YouTube videos which will walk you through it. It’s one of those instances where seeing is better than reading.
Configure GNU Privacy Guard for Mac
The team who built GPGTools actually built their own walk-through of how to set it up:
Straight from the horse’s mouth, it doesn’t get much better than that.
Configure GNU Privacy Guard for Windows
The team that put this together put a little bit more time into this video than the one you see above for Mac:
For those using Mozilla Thunderbird, follow everything up to step two and then install Enigmail. If you have problems, you will get screenshots of how it is done when you download it.
Configure GNU Privacy Guard for Linux
Linux users are a little bit special. How you will configure it is going to depend upon your distributor:
If you really want to get into it and learn way more than you actually need to know, check out the GNU Privacy Handbook. Be warned: this is huge.
Using encrypted email
Now that you have everything installed correctly and configured, let’s look at what you should be doing with all these software programs:
- The strongest key size that you can select is 2048 bits.
- When you create your key pair, you cannot edit it afterward. Double-check and triple-check to make sure that you entered your name and email correctly.
- You need to enter a secure passphrase, not a password. The longer and more complex it is, the better. You can also look into using a password management tool if needed. Or you can go analog and write the passphrase down on a piece of paper. Keep it in the most secure place you can think of. No, not under your keyboard.
- Use a site like Keybase to publish your public key. People can then look up your public key using your email or name.
- Alternatively, you can use Facebook to publish your key through your profile. This will make it easy to share your key with your friends. However, it is not going to be the best place for your most secure keys.
Taking these steps will give you a more secure email. There is no point in having an encrypted email that isn’t as secure as possible, and there are also reasons for using a VPN as one extra layer of protection.
Having encrypted email
I will admit that it can be difficult to configure all these software programs properly. But once you have set up everything, all you will have to do is push the ‘encrypt’ button, giving you an instantly secure email.
Or anyone else who is going to receive an email from you in the most private manner. Your mistress. Your dominatrix. Pauly Shore. It’s your life, mate.