Today, the subject is using encrypting your Gmail messages:
Link, Link to other Instructables feed
The principle behind GPG encryption is easy. Anyone who wants to play creates a public key and a private key. Your public key is the part of the encryption that you make public. Your private key is the part of the encryption that you never share with anyone under any circumstance.The two keys work together so that you need both to decrypt anything. To send an encrypted message to someone you lock the message with their public key and when they get it, they can unlock it with their private key. If they want to respond, then they encode the message with your public key and you can read it with your private key.
Of course, this only works so long as you can trust that you have been given the right public key and that you know who you are talking to. One of doing this is by having a key signing party with your close friends. You all show up at a given location at a given time and exchange public keys. Then you have a list of trusted public keys with which you can communicate. This is often referred to as a web of trust.
RSS Feed
The problem with why popularity of PGP / GPG strong crypto has remained roughly stagnant (i.e. only geeks) since 1992 is because people who don't even know what encryption is or why they need it do not have it available by default with their default Mail User Agent (MUA).
I lay the blame squarely on the "conspiracy" that OpenPGP was excluded from implementation in Netscape Mail and Microsoft Outlook† in the 1990s. (People don't miss something they never had.)
Even Apple Mail.app requires a bundle (i.e. plugin) to be installed; otherwise it only supports weak X.509 encryption and even that takes some work to enable and use. Thunderbird requires installing an extension as well, as is the Mozilla design philosophy. Only Evolution supports GPG out of the box, and if you're running Ubuntu or another Linux/GNOME platform you're already in the aforementioned set of geeks.
In other words, as Bruce wrote in Secrets and Lies, security is roughly a transparent benefit -- like the trains running on time. Only when there's a problem do you take notice. Only when you're being fitting with a black hood do you wish you encrypted your email. And if security doesn't "just work" by default, in the way Apple is (accurately or not) acclaimed for, "normal" people will forego‡ and work around it because they need to "get 'er done".
†Not to mention how office culture defined their expectations of "normal" email with Microsoft Outlook. Just look at how they learned the bad habit of top-posting and HTML email (with Comic Sans typeface) from Outlook.
‡Hell, most major ISPs don't even support SSL encrypted connections for POP3 and SMTP! (Verizon doesn't unless you have a "business" account.) People are sending their ISP account passwords in the clear -- likely over unencrypted 802.11b/g wireless networks.
> I lay the blame squarely on the "conspiracy" that
> OpenPGP was excluded from implementation in >
> Netscape Mail and Microsoft Outlook† in the
> 1990s. (People don't miss something they never
> had.)
Netscape Messenger had 128 bit encryption for email.
The problem with key sharing parties is that the people with whom I most want to encrypt email are people I haven't (and probably won't) ever meet in person.
Yr fvrt wrd: MY!
Y'r lk th sglls n Fndng Nm, Cry.
Public Key Infrastructure is only effective if it's encrypted from end to end. Gmail is *webmail* that travels through an unencrypted connection from gmail.com to you. I realize that you can use https:// when going there, but do you do it every time? Gmail doesn't force your connection to be secure.
just my opinion...
I'd only use encrypted Gmail if it handled PGP/MIME properly; the signature block is really ugly. Until then, I'll stick with Enigmail (I sign all outgoing emails).
That's, well, nice to know. But why would I care to encrypt emails of funny cat pictures and the generally inane messages I send during my daily business?
I suppose if I wanted to email confidential stuff, financial information, or my SSN, or whatever, encryption would provide some nice placation of uneasiness.
But in general, why would the average user bother? Seems paranoid and self-important, as if MY emails are SO substantial that they need to be written in invisible ink. Am I missing something? Am I supposed to preemptively kick big brother in the groin?
@Booray: Actually, one of the features of public key systems like PGP is that it allows people to securely exchange messages over unsecure channels, without any prior contact.
Every time I see a post by Cory my eyes cant help but roll. Everything seems to be inspired by his novel. Keep advertising it Cory, maybe you can inspire the cure for cancer!
Thecat@3- The point of key-signing parties isn't to sign keys of people you want to email. The idea is that if PGP users get their keys signed by enough people, eventually everyone's key is signed by multiple people you trust. Google PGP and "web of trust" to find out more.
That's, well, nice to know. But why would I care to encrypt emails of funny cat pictures and the generally inane messages I send during my daily business?
I'm so glad you asked that question, Mr. Skeleton! The short answer is: to protect those who depend on encryption to keep them safe from persecution.
It's like this: governments can't easily break GPG encryption, but they can very easily tell who's using it. If the only people who use encryption are dissidents, civil liberties activists, hackers, and other people the government doesn't like, simply the fact that they're using encryption is a red flag that can bring on further harassment and monitoring.
There's a very easy way to help protect these people who depend on encryption for their freedom, though. Encrypt totally uninteresting stuff. Use encryption for your day to day communications with your drinking buddies. This inserts noise into the system, and prevents the government from being able to profile people based on their use of encryption.
It also ensures that, should the government find a way to break GPG encryption, they would be faced with a large enough volume of encrypted data that at least they wouldn't have the computer power to decrypt and monitor it all, the way they do with plaintext communication.
Use GPG. For real, even if you think you have nothing to hide. Learn it. Use it. Like, now.
On some level, this comment is a minor rant, but the thing that constantly frustrates me about encryption is the terminology. I do information architecture for a living, which means that I interpret between marketing and engineering. The encryption folk are seriously in need of some marketing folk. I know that public key and private key are the accurate terms, but I'd love to see them replaced with "lock" and "key". People could understand that. You distribute your lock anywhere - you want people to have it. They lock an email for you, send it to you, and you unlock it with your key. Because it's digital, you can put as many locks on an email as you want. Anyone with a key to any lock can unlock the email.
This is something that anyone could understand. "Public key" and "private key" just makes the concepts harder to understand.
/end minor rant
Bethany
Why not think differently on Gmail security:
We need to develop a plugin for e.g. Firefox that works with templates for URLs and provides a simple way to store keys. Now, if you are using Gmail and have that plugin enabled, and have one or more symmetric keys in store and type an email, the body-text and subject of the email gets scrambled before it is submitted to the site.
Scrambling could either mean, really messy encryption, where no one would be able to read anything at all - but full-text search would not work either. Or scrambling could mean keeping the words but messing up the order of the words - so advertising (fair enough) and full-text search (at least with words, not phrases) would still work but no one would be able to get the meaning of the message.
Now, when I am sending a mail to my wife the message gets encrypted with her/our key. It could even be practical to simply share one key in a small group of friends (=family). We are not talking high security here, it is about applied security that makes it not worthwhile snooping through your messages.
Key exchange is done physically (in security lingo - via a secure channel aka USB-stick) - no Public Key Infrastructure with all the inherent complexity is needed imho.
What do you think? Anybody? Any solutions available already that I am missing?
Why do you want to encrypt all the cartoons and junk you send each day?
Did you send it on your time, or your bosses?
Could it (in the words from Obama's inimitable job application site, "embarrass in any way" yourself or your employer or your future employer, or the future government, or your mate, or your children....)
The unseen risk is the only new risk generated by electronics--the ability to assemble all that "meaningless noise" that you generate in communicating, and use it to determine "meaningful" information.
Intelligence agents know that there is no such thing as "meaningless" information, there is only information which you do not understand--yet.
Police routinely assemble vast amounts of information in order to determine "who dunit," which they actually succeed at fairly often--without, in most cases, any computerized analysis of the data.
Did you ever push "send" on an email you regretted?
I just see a nightmare on the horizon of public and private key confusion. There are definitely ways to make encryption software implementation easier, but I do not think this is one of them.