15 November 2008

Using encryption

Dan Goodin at The Register has a very timely article recommending that everyone encrypt their email.

If you think that at any point in the next ten years you might want to send or receive an email message that can't be read by your ISP, your government, the US government, or a lawyer, then the time to start using PGP-compatible encryption is now.

The reasons for this are:

  • If you suddenly start using encryption just when you need it, the fact will be obvious to whoever you are trying to hide things from.
  • Setting up encryption is a fiddly business, you should get it done when you have time, not when you need it.
  • You are helping everyone - the more people are set up to use encryption, the more useful and normal it becomes for everyone else.

I came to the conclusion a few days ago, dusted off all my old keys, found that they'd all expired (fortunately, since I'd forgotten passphrases), and created some new ones. I posted a key for sending to this blog, and if you have my personal email address, there is a key for that on the MIT keyserver.

So, if you're using Windows, read the Register article; if you're on Linux, install gnupg and enigmail (I'm on Debian and the packaged Thunderbird comes automatically with Enigmail to integrate with gnupg - just turn it on), even if you use webmail, there is now a firefox extension FireGPG to make it easy to send and receive encrypted messages.

So invest a couple of hours now in being ready.

1 comment:

A Nonny Mouse said...

I ordinarily imagine that someone—at gmail, in the government, somewhere is reading my e-mails already, so I try to make them as generally amusing as possible. After all, this is the Facebook generation, where people expose their most intimate thoughts and activities to the eyes of anyone with a search engine.

In the past I have found that my work, though rejected for publication by newpapers, has been avidly consumed by people hacking into my personal site. They are my only readers, so I have no wish to discourage them. Prince Charles’s famous tampax exchange with Camilla Parker-Bowles was so witty that it seems wrong that it should not be more widely heard.

You seem to think that the government is going to read your e-mails, and are worried by this fact. Which of us is the madder I cannot tell. Judging by the number of comments on your blog (average 0.0) I don’t see that this is a problem. God forbid that the government should find out your darkest, most embarrassing and most reprehensible secret, which is that you have no secrets that anybody could be interested in.

My method of encryption is this. If there is some event in your past that you cannot bear that anyone should know, some horrible past indiscretion, type it up, deposit it in the library, and put its title on a compulsory essential reading list for your students, item no29. That way you can be certain that it will never ever be found out.