Menu

How to Send Secure Email

Ana Nogueira Feb 17, 2004

When you send an email to your friend unencrypted, you might as well be sending a postcard to her via John Ashcroft’s office.

Passwords don’t mean much in the age of hackers, and even less in the age of Patriot Acts. Any kid with curiosity and tech knowledge can sniff out your email passwords. Any corporation with a market scheme can trace your habits and tastes. And any government agency with access to programs like Carnivore or Echelon can single you out for communications that contain innocent enough words such as “war” or “protest” in them.

But there is something you can do about it. Encryption is a quick and easy way to protect your privacy. It allows you to make anything from a simple text email to large portions of your computer’s brain totally inaccessible to unwelcome eyes. PGP (Prettty Good Privacy) is the most common and cost-free way to encrypt your material. Recently, the FBI reportedly spent more than a million dollars trying to decrypt a Canadian activist’s PGPencrypted computer and failed.

PGP software creates keys that you exchange with people you want to communicate privately with. Like real keys, you can only open something encrypted if you have the right set: your key and the sender’s key. You can store keys the same way you store emails in your address book. The process is easy: write an email message, click the encrypt button and a window pops up with your key address book. Pick the person you want to send it to, enter your pass phrase, and voilà!, the message becomes a meaningless jumble of random characters, unreadable by almost anyone other than the person you intend it for.

We say almost because security relies on more than just technological gizmos. It relies on a culture of security that assumes people understand the process, respect the circles of trust and use the software responsibly. Once that is achieved, the benefits of PGP extend beyond being able to encrypt material. PGP allows you to sign your friend’s keys, letting other people know you trust that key, thereby creating potentially vast networks of secure communication circles.

This will become all the more important for activists as the Republican National Convention approaches.

PGP can also be used to apply a digital signature to a message without encrypting it. This is normally used in public postings where you don’t want to hide what you are saying, but rather want others to know that the message actually came from you. Once a digital signature is created, it is impossible for anyone to modify the message or the signature without it being detected by PGP.

Many are concerned that using PGP will draw attention to themselves, making it appear that they are doing something illegal. But encryption in no way implies illegal activity and is used by many businesses as standard practice.

Privacy has nothing to do with crime. Besides, PGP is FUN. Never had a secret decoder ring? Boo!

For more information and to download free PGP software, visit: www.pgpi.org.