Ask HN: How do you encrypt your email?
13 points by quickpost on June 10, 2013 | 10 comments
In the wake of the PRISM stuff, I've decided to start encrypting all my email traffic. How do you do this? I'd really like to approach doing this in a secure and convenient manner that's easy enough for non-technical people to get it (e.g. my parents). Obviously not every email I send needs to be encrypted, but I'd like to get in the practice of doing it right to ensure my privacy now and in the future.

Thanks!



You should do what everyone else does and use GPG, on your actual computer, not some hinky web application someone built.


You can't do end to end encryption if the receiver doesn't know how to deal with encryption stuff.

The second best thing to do is to use an e-mail provider that encrypts your e-mail using an asymmetric key the moment they receive your mail. It protects you against search warrants but not active eavesdropping of your mail. And if the receiver's mail provider is being eavesdropped or receives a search warrant then there is nothing you can do.


I have started using PGP to encrypt/sign my email. It's relatively easy to set up and use. I have successfully set up my wife and mother with it for both email and xmpp, and am working on convincing my dad and brother to do the same.

Take a look at Enigmail for Thunderbird and Psi for xmpp. Both work quite well and are reasonable to set up and use.


You are blessed. So many guys I know stick on the gorram web-interfaces, and I don't think they mind about privacy.


GPG is the classic solution to encrypted email, but it has some challenges that make it less likely to enter common usage. The primary interface is command line and confusing, though there are a few good GUIs for it, including GPGTools for OS X. GPGTools also interfaces elegantly with Mail.app.

The bigger challenge is secure key exchange. You either need to exchange your public keys in person, or use a difficult-to-manipulate approach to verifying them, e.g. exchanging keys via unencrypted email and then calling each other to verify each other's key fingerprint over voice communication to ensure the keys were not MITMed in transit.

If I could, I'd encrypt everything, just as a matter of principle. Even if it doesn't technically matter if it gets intercepted, encrypting all your communications is a good way to regain the privacy the government is saying we no longer have any right to. In practice, I'm not going to be able to encrypt everything, because few people are willing to use GPG yet, and that limits my ability to use it as well. But I'll do so when I can, and encourage others to use it.
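
The fingerprint check described in the comment above, as an added example that is not part of the original thread: it computes an OpenPGP v4 fingerprint (RFC 4880, section 12.2) for a key received by email and compares it with the fingerprint read out over the phone. The helper names and the toy RSA values are assumptions constructed for illustration; in practice `gpg --fingerprint` prints the value to compare.

```python
import hashlib
import struct

def mpi(n: int) -> bytes:
    """Encode an integer as an OpenPGP MPI: 2-byte bit count, then big-endian bytes."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def rsa_key_body(created: int, n: int, e: int) -> bytes:
    """Body of a v4 public-key packet: version 4, creation time, algorithm 1 (RSA), MPIs."""
    return struct.pack(">BIB", 4, created, 1) + mpi(n) + mpi(e)

def v4_fingerprint(body: bytes) -> str:
    """SHA-1 over the octet 0x99, the 2-byte body length, and the packet body."""
    if body[:1] != b"\x04":
        raise ValueError("not a version 4 public-key packet")
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def grouped(fpr: str) -> str:
    """Format in groups of four hex digits, the way a fingerprint is usually read aloud."""
    return " ".join(fpr[i:i + 4] for i in range(0, len(fpr), 4))

def normalize(spoken: str) -> str:
    """Drop separators and uppercase; refuse anything shorter than the full fingerprint."""
    cleaned = "".join(ch for ch in spoken if ch not in " :-\t\n").upper()
    if len(cleaned) != 40 or any(c not in "0123456789ABCDEF" for c in cleaned):
        raise ValueError("a v4 fingerprint is exactly 40 hex digits")
    return cleaned

def key_matches(body: bytes, spoken: str) -> bool:
    """True only if the received key's full fingerprint equals the spoken one."""
    return v4_fingerprint(body) == normalize(spoken)

# Constructed sample data: toy moduli, not usable keys.
CREATED = 1370822400  # 2013-06-10 00:00:00 UTC
GENUINE = rsa_key_body(CREATED, n=(1 << 127) + 0x1D, e=65537)
SWAPPED = rsa_key_body(CREATED, n=(1 << 127) + 0x1F, e=65537)  # key replaced in transit

if __name__ == "__main__":
    read_over_phone = grouped(v4_fingerprint(GENUINE)).lower()
    print("heard on the call:", read_over_phone)
    print("key as sent      :", key_matches(GENUINE, read_over_phone))
    print("key swapped      :", key_matches(SWAPPED, read_over_phone))
    try:
        key_matches(GENUINE, v4_fingerprint(GENUINE)[-8:])  # short key ID only
    except ValueError as err:
        print("short ID rejected:", err)
```

The fingerprint covers the creation time and key material, so a substituted key yields a different value even when the name and email address on it are identical.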


You could try Fastmail by Opera. See https://www.fastmail.fm/

"We support TLS/SSL with all of our protocols. TLS/SSL is designed to encrypt all traffic and prevents eavesdropping, tampering, and message forgery on any communication between your computer and our servers."

https://www.fastmail.fm/help/overview_security.html


Note that Fastmail is hosted in Australia, which is a partner nation in ECHELON.


You mean UKUSA. ECHELON has nothing to do with this particular area of surveillance.

http://en.wikipedia.org/wiki/Ukusa


I don't. I accepted the surveillance long ago. I'm sorry this is coming as news to you.


BitMessage



