The Internet, the FCC, and Encryption

Well, it happened. Masquerading under the premise of "keeping the Internet free and open," the FCC just gave itself the power to regulate the already free and open Internet as if Internet Service Providers are Title II utilities. Basically, this translates to censorship and taxes across the board.

For awhile now, I have been experimenting with combinations of email clients, public-key cryptographic software, and different GUIs for managing encryption keys. Those experiments were taken off the back-burner today because of a new and real fear of parts of the Internet being exposed to unconstitutional searches.

The biggest difference between my newest attempt and previous attempts is that I recently purchased a MacBook Air, on which I have already encrypted the entire filesystem and all hard drives that use that computer. I found a lot of new software written exclusively for Mac OS X that integrates with the OS. One application in particular is GPGTools.

GPGTools has a slick key manager GUI called GPG Keychain, and it also integrates itself into Mail.app, making sending and receiving encrypted email very easy. In fact, I am opined to say that this is the easiest implementation of GPG (Gnu Privacy Guard, a PGP [Pretty Good Privacy] compatible, open source software) that I have used to date.

On my Windows 7 computer, I have been using GPG on the backend and Cryptophane 0.7.0 as the key manager GUI to manage encryption, and Mozilla Thunderbird with the Enigmail plugin for sending and receiving encrypted emails. This combination works well, but leaves some to be desired, especially in the configuration department. The various parts of GPGTools work together out-of-the-box, making for a very enjoyable experience.

Please note that these two systems are compatible. Even if email is sent from a system that uses GPGTools and Mail.app, and that email is received by a system that uses GPG with Thunderbird / Enigmail, or vice versa, the email is encryptable and decryptable on both systems as long as both computers have the public key for decryption.

How Public-Key Encryption Works:

In public-key cryptography, a user generates two keys. a pair of public and private keys. The public key can be shared with anyone, but the private key is left on your own system only. The public key is used to encrypt the email that is being sent to someone else, and the private key is used to decrypt email that is sent to yourself.

The public key is typically uploaded to what is called a keyserver, a centralized place where anyone can upload their public keys for anyone else to download it. This is one of the ways to facilitate the sharing of one's public key so that others can begin sending secure email to oneself.

Public-key encryption allows for a secure way to transmit in clear-text what is needed for a person to encrypt and send secure information to another person without giving away the secret used to encrypt or decrypt the information. This is the type of encryption that websites use to secure your web surfing from cyber-eavesdroppers!

How to Get Started with GPG Email Encryption:

If you would like to start encrypting your email, check out the links below!

For Mac users, check out GPGTools.org. It is an all-in-one suite, so just download, install, and follow the tutorial!

For Windows users, check out GnuPG.org. It is the best resource to get you started. I also recommend grabbing the latest binary for GPG (as of the time of this post, it was v1.4.19), using Cryptophane as a GUI because it is probably the easiest to use of what I have seen, and lastly Enigmail extension for Thunderbird for securing email.

Sending Your First Secured Email:

Once you have your new encryption key pair generated and your mail client up and running, you will need to download public keys for other people so that you can send them email. You can do so by searching in the key management software that you recently installed. Try searching for mine using my email address, nick@novalan.org. If you find it, send me a secure email!

No comments:

Post a Comment