Archive for March 2008

Email Privacy and Personal Email Security

When you send a cleartext, unencrypted e-mail, not only the intended recipient but anyone can read and possibly alter the content of the message.
Unencrypted emails – also called cleartext email – can be intercepted and read by anyone with access to the wires between you and your recipient. This could be bored sysadmins, or a hacker who has successfully compromised your email server, router or network. Oftentimes getting onto a network is easy: unsecured, poorly-secured and rogue wireless access points seem to be the norm today.

So how do you protect yourself? The easiest way to secure your e-mail transmissions from end-to-end is to use PGP (Pretty Good Privacy) together with GNU Privacy Guard. These programs are open source and therefore free of cost.

PGP/GnuPG depend on encryption/decryption key pairs. You have a private key, which you guard and never ever let anyone else get their hands on. Your public key can be distributed freely.

The way it works is simple: Anyone who wants to send a message to you encrypts it with a copy of your public key. Then you decrypt it with your private key. Your message is completely protected in transit and immune to eavesdropping and altering.
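The round trip described above, as an added example that is not part of the original post: GnuPG with two throwaway keyrings, one for the recipient and one for the sender. The address `alice@example.test`, the directory names, the function names and the message are constructed for the demo.

```bash
#!/usr/bin/env bash
# Added example: public-key round trip with GnuPG, using two throwaway keyrings.
# The address, directory names and message are constructed for this demo.
RCPT='alice@example.test'

demo_setup() {
  WORK=$(mktemp -d) || return 1
  mkdir -m 700 "$WORK/recipient" "$WORK/sender" || return 1

  # Recipient: generate a key pair. The empty passphrase only keeps the demo
  # non-interactive; protect a real private key with a strong passphrase.
  gpg --homedir "$WORK/recipient" --batch --quiet --pinentry-mode loopback \
      --passphrase '' --quick-generate-key "Alice <$RCPT>" default default never \
      || return 1

  # Only the public half ever leaves the recipient's keyring.
  gpg --homedir "$WORK/recipient" --armor --export "$RCPT" \
      > "$WORK/alice.pub.asc" || return 1

  # Sender: import the public key and encrypt to it. --trust-model always skips
  # the ownership check for the demo; in practice verify the key fingerprint
  # with the recipient over a separate channel first.
  gpg --homedir "$WORK/sender" --batch --quiet --import "$WORK/alice.pub.asc" \
      || return 1
  printf 'meet at noon\n' > "$WORK/msg.txt"
  gpg --homedir "$WORK/sender" --batch --quiet --trust-model always --armor \
      --recipient "$RCPT" --output "$WORK/msg.asc" --encrypt "$WORK/msg.txt"
}

# Try to decrypt the message with the keyring named in $1 (recipient or sender).
# Prints the plaintext and returns 0 only if that keyring holds the private key.
decrypt_as() {
  gpg --homedir "$WORK/$1" --batch --quiet --decrypt "$WORK/msg.asc" 2>/dev/null
}

demo_cleanup() {
  gpgconf --homedir "$WORK/recipient" --kill gpg-agent 2>/dev/null || true
  gpgconf --homedir "$WORK/sender" --kill gpg-agent 2>/dev/null || true
  rm -rf "$WORK"
}
```

After sourcing the file, run `demo_setup`, then `decrypt_as recipient` and `decrypt_as sender`, then `demo_cleanup`: the sender's keyring holds only the public key, so it cannot decrypt the message it just produced.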

GPG works on any system on which it can be successfully compiled, which is most Linux and Unix systems. You may also compile and run it on Windows.