Email Protection

Discussion in 'privacy technology' started by AMD, May 19, 2013.

Thread Status:
Not open for further replies.
  1. AMD

    AMD Registered Member

    Joined:
    Jul 9, 2012
    Posts:
    88
    Location:
    UK
    Hi, can anyone advise the best way to set up email encryption/security. I have no knowledge of this and would like to protect emails from ending up in the wrong hands.

    I use Windows Live Mail as my email client.

    Thanks

    Andy
     
  2. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Hi,

    have you tried PGP/GPG encryption?
     
  3. AMD

    AMD Registered Member

    Joined:
    Jul 9, 2012
    Posts:
    88
    Location:
    UK
    Not even sure what PGP/GPG is o_Oo_O??
     
  4. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    GPG is an open source free version of PGP.
    http://www.gnupg.org/

    Wikipedia info: https://en.wikipedia.org/wiki/Pretty_Good_Privacy
    It's available for almost all platform, if you have Windows OS worth to try is GPG4Win.

    In short PGP/GPG uses symmetric key cryptography.
    First you have to create your own key (public and private key).
    Your public key is for people who will email with you - they have to know what your public key is, because they will use it to encrypt message for you.
    If you want to send encrypted message to other person then you will need their public key and your private (secret key).

    It sounds complicated but in practice it isn't.
    Here are some tutorial vids you will be helpful I hope:
    http://www.youtube.com/user/GnuGPTutorial/videos?flow=grid&view=0
     
  5. AMD

    AMD Registered Member

    Joined:
    Jul 9, 2012
    Posts:
    88
    Location:
    UK
    So does this securely deliver emails from my isp to my pc client too ?
     
  6. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    I'd say yes, but... you and your client should use long enough key size alghoritm (like RSA 4096), also both of you can't publish/leak your secret (private) key (remember to store them in safe place and have a backup - because if you lost your secret key you won't be able to decrypt messages from the past) and your key should have 20+ character long password.
    Note that by using PGP/GPG you can encrypt not only text but also files.
    You can also sign them. By verifying signature you will be sure that your sender is in fact a person who you think.
     
  7. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Any email on a big provider, is at least scanned by a machine for revenue purposes. Also, since the data is sitting on their servers, it can be gone through relatively easily, depending on your country's laws. In transit, unless it is encrypted, it can be stored/read as it hops around the internet. While more and more servers are attempting to use a continuous TLS connections for mail exchange, you can't count on that.

    One thing you can do now, is switch to that old school thing known as an email client, and the POP3 protocol. This will get the mail off of big providers servers. Not as convenient though.

    Setting up GPG, and learning it, would be next...but you will never get all your contacts to use it :D

    The easiest method would be to switch providers to someone like Countermail or HushMail...and I would prefer (and do) the former. This won't solve the problem of getting grandma to use it, but at least it is more resistant to being snooped through, sitting on a companies server that you are paying for privacy with.

    PD
     
Loading...
Thread Status:
Not open for further replies.