We’re now half way through the No Surveillance State Month, and what a busy month it’s been! Part 15 discusses an important yet technically difficult topic: encrypting your e-mails as they are in-transit.
The most common way people accomplish e-mail encryption is through PGP. PGP is a protocol that’s now over 2 decades old, and works on “public key encryption.” Imagine a lock with 2 keys: one key that was required to open the lock, and another required to close it. You can give the key required to close the lock to everyone — in this case, allowing everyone to encrypt a message destined to you — while holding onto the key required to open the lock — thus preventing anyone from reading the message but you.
The reason why this is techincally difficult is that even in 2013, the Internet has not come up with a standardized, free, easy-to-use way of dealing with exchanging that “close the lock” key, known as the public key (the “open the lock” key is a private key). But, if you want to wade through one product that will get you through the job and integrate with common commercial e-mail software such as Microsoft Outlook, you probably want to look at Symantec Desktop Email Encryption. The University of Pennsylvania has published a fairly clear step-by-step guide for usage.
If the thought of using a commercial product really kills you, there’s GPG and the associated clients for each operating system, but like most things open source, be warned that the technical skill required for success increases drastically.
This is one of a 30-part series, “No Surveillance State Month,” where daily for the month of June I’ll be posting ways to avoid invasion of your privacy in the digital age. The intent of these posts is not to enable one to escape detection while engaging in criminal activity — there’s still the old-fashioned “send a detective to watch you” for which these posts will not help. Rather, this series will help you to opt-out of the en masse collection of data by the government and large corporations that places Americans in databases without their knowing and freely-given consent for indefinite time periods. We all have the right to privacy, and I hope you demand it.
I was just looking into this last week.
The free solution is Thunderbird+Enigmail plugin + GNUPG.
Worked wonderfully under Mac OS. A little less so under Windows.