Dan Goodin at The Register has a very timely article recommending that everyone encrypt their email.
If you think that at any point in the next ten years you might want to send or receive an email message that can't be read by your ISP, your government, the US government, or a lawyer, then the time to start using PGP-compatible encryption is now.
The reasons for this are:
- If you suddenly start using encryption just when you need it, the fact will be obvious to whoever you are trying to hide things from.
- Setting up encryption is a fiddly business, you should get it done when you have time, not when you need it.
- You are helping everyone - the more people are set up to use encryption, the more useful and normal it becomes for everyone else.
I came to the conclusion a few days ago, dusted off all my old keys, found that they'd all expired (fortunately, since I'd forgotten passphrases), and created some new ones. I posted a key for sending to this blog, and if you have my personal email address, there is a key for that on the MIT keyserver.
So, if you're using Windows, read the Register article; if you're on Linux, install gnupg and enigmail (I'm on Debian and the packaged Thunderbird comes automatically with Enigmail to integrate with gnupg - just turn it on), even if you use webmail, there is now a firefox extension FireGPG to make it easy to send and receive encrypted messages.
So invest a couple of hours now in being ready.
Labels: crime and freedom, technical