Friday, December 11, 2009

Making E-mail Private

Ok, hopefully some folks read and made use of my previous post on using SSL in Gmail.
If you didn't and you use Gmail, go read it now. It only takes about 10 minutes to read and another 10 minutes to implement.

Now, I have to wonder why is it that people never seem to care enough about privacy to encrypt e-mails?

Sure, for some it's a matter of not knowing you CAN encrypt, for others it's a not knowing HOW to do it... but it seems the biggest thing is an aversion to using passwords.

I have a 30 character password that I type in whenever I want to encrypt or digitally sign an e-mail. Most people would not go to such an extreme, but even a 6 or 8 character password with PGP or GnuPG that you only had to type once per mail session, when you first open your mail program or when you send the first message that day, would afford a lot more privacy and ensure that mail you think is from friend X isn't really from stranger Y pretending to be friend X.

How many people have had an e-mail come to them apparently from a friend that turned out to be spam, or worse, a virus? ...or even a roommate playing a practical joke on the supposed sender? PGP/GPG would solve that. I've been using this technology on an off (and recently more and more) for years, but surprisingly few others I know use it. I could understand if it were like S/MIME encryption that requires a yearly fee for a certificate, but PGP is free. All it takes is a little bit of effort to get started then you can stop sending love letters and secret passwords and Grandma's secret family recipes on the electronic equivalent of postcards and start mailing things in e-envelopes. (strong e-envelopes).

If anyone reading this is thinking "hey, I should do that, but it's too hard" e-mail me and I'll help you get started. ...just don't get discouraged if Microsoft and I are the only ones who even send you signed e-mails for a while. It's something that will take time to catch on amongst your friends, and that many people won't ever bother with....some folks will always think that secret codes are only for spies and criminals, but if you don't try to protect your privacy, who will?

Rod MacPherson
My PGP key
Post a Comment