The Evil Eyebrow

Public Key Encryption

Written by

Bill Ruhsam

in

Because I solved the issue I was having with Thunderbird, I’m ready to publish my public key for all and sundry to use.

What does this mean? Well, from now on the emails you receive from me will be digitally signed and with the public key listed below you can confirm that they are from me1. Do I suspect that I’m being the target of multiple email address stealing thieves? No, but I’d rather start now than later when it becomes an issue. Insurance is something you purchase before you need it.

It also means that anyone who goes through the trouble (and it is a bit of trouble, no matter what the websites say) to set up encryption on their email will be able to exchange fully encrypted emails with me. Do I suspect that some nefarious group is snooping on my emails? No (although my company explicitly says they have that right, as does my ISP, as does the NSA, FBI, law enforcement…), but I’d rather keep my private conversations private, from anyone. As it is right now, your emails flying around the ether are open for snooping by anybody who really wants to. Sure, innocent people have nothing to fear, but we shouldn’t tacitly agree to the snooping. I am not. I want to spread the encryption meme about and make it that much more difficult to access my communications.

Join me in making it more difficult for the government, or anyone else for that matter, to monitor us. I promise that in the next few weeks, I’ll post a how-to for setting up public key encryption using Mozilla Thunderbird and GnuPG. There was a learning curve for me because most of the tutorials were written by and for people who spend a lot of time in front of a command line interface. I think there’s a market for a how-to that’s a bit more explicit.

1This requires software. You don’t just check that public key against my email. As I say in paragraph three of this post, this is a bit of trouble to set up, but relatively seamless once it is

Check over there to your right for my public key.

Comments

8 responses to “Public Key Encryption”

  1. Chris Avatar
    Chris

    Of course how do I know that the post above is really from the person I think it is? What if this is the Public Key of some other yahoo named Bill Ruhsam?

    As a reasonably computer saavy person, I found the Thunderbird, GnuPG, Enigmail setup to be quite painless. I just wish Outlook had a reasonably effective equivalent. The only one I could find is either 3 years old and badly implemented or costs $$$. I guess I’ll have to manually decrypt anything you send to me at work.

  2. James Cronen Avatar
    James Cronen

    I was running Enigmail with the old Mozilla mail client something like five years ago, and it was a pain in the ass.

    I agree that it’s better to snatch back your privacy earlier rather than later, so I’ll help spread the meme. But first, I anxiously await your tutorial. Hopefully you had a much easier time of it than I did five years ago.

  3. Rachel Avatar
    Rachel

    Bill, I think you’ve got some odd character encoding going on. Can you post this in a plain text block or something?

  4. Bill Ruhsam Avatar
    Bill Ruhsam

    Rachel: Yeah. I’ve learned another few things since this post, including that i can’t just copy/paste the PGP public key block. My blog software apparently takes the —–BEGIN PUBLIC KEY—– and changes it to — –BEGIN PUBLIC KEY— – which doesn’t work as well.

    Jim: Engimail is practically seamless in my experience now. Once you do the initial settings and setup your keys, I hardly notice it’s there. I haven’t tried multiple person key management yet, though.

    Chris: Outlook uses S/MIME and doesn’t support GnuPG. I understand that there are ways that I can work around that from the non-outlook end, but what it means for the Outlook user is that you’d have to get a Certificate either from a certificate authority (there are free ones available) or that your company might give you one. There are all sorts of issues dealing with corporate mail encryption. Way too many to deal with in a comment.

  5. Email Security by Schierer Space

    […] to Bill for finally pushing me over the edge to secure email communications, I have transitioned to the use […]

  6. Email Security: Why? by Schierer Space

    […] my system to send encrypted emails. My reasons, to be brief, are very much the same that Bill discussed some weeks ago. The most succinct reason is: “The same reason that most paper mail […]

  7. The Evil Eyebrow » Email Encryption How To (not Why)

    […] post is not intended to convince you to start encrypting all of your email. This post is intended to do that. As well as the book, “Little Brother” by Cory […]

  8. The Evil Eyebrow » Wikileaks, First Amendment, Espionage, Information Security

    […] I advocate that we all should encrypt our day to day emails5, especially between parties where disclosure of that information would lead to embarrassment, lawsuits, or worse. I’ve written about this in the past and even have a tutorial on how I went about it. If you want to exchange secure emails with me, it’s not difficult. Just click through the link and learn. I regularly apply an electronic signature to my emails7, which doesn’t do anything for security per se, but you can be sure that the email is from me, or from someone in possession of my passphrase. It’s only one more step, on your end, for you to receive encrypted emails from me, and to send them in return. Then we can discuss Aunt Gladys without worrying about Nephew Jim reading the emails while we’re stupefied on thanksgiving turkey. […]

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts