Monday, December 21, 2009

Encrypt Your Gmail Email Messages

Encrypting one's email--and messages--seems a bit paranoid, yet I find myself doing so for stuff I just don't want to drop in "plain text" in my inbox. As access to the cloud makes it easier to save stuff there, I find myself wanting to store some of my important documents.


My first experiences with Pretty Good Privacy (PGP) and later, GPG, were a pain in the rear. Setting up keys and all the mumbo jumbo never seemed to make much sense. What's worse, I could never find anyone to share my encrypted documents with (except for Wes Fryer and a security-conscious principal I worked for and mentored in all things DOS).



Over time, though, I've seen the tools evolve and get much easier to use. FireGPG is one of those add-ons to Firefox that makes encrypting your email in Gmail much easier, assuming you've done the work of setting up your own public/private key. Here's a brief description from their web site (you can also follow their progress via their blog):
FireGPG is a Firefox extension under MPL that provides an integrated interface to apply GnuPG operations to the text of any web page, including encryption, decryption, signing, and signature verification.

Since I use GPG encryption/decryption on every platform--Mac, Linux, Windows--I feel pretty comfortable encrypting material to myself that I wouldn't want folks to read or access.


For example, on my Mac, after setting up my private/public key, I installed FireGPG and then began composing an email in Gmail.



This image above basically shows me highlighting a message text, then right-clicking and choosing Encrypt from the pop-up menu.





and after you click on COPY TO CLIPBOARD AND CLOSE, you end up back in your Gmail Email Compose window where you can paste in the encrypted message:

You can also choose to encrypt attachments, which is a time-saver. Aside from that, the main benefit is that one doesn't have to mess with the desktop tools available on platforms like Macintosh which lag behind their Windows (GPG4Win) and GNU/Linux counterparts (sudo apt-get install gpa or KGPG).

By the way, you can find my public key online here.



Subscribe to Around the Corner-MGuhlin.org



Everything posted on Miguel Guhlin's blogs/wikis are his personal opinion and do not necessarily represent the views of his employer(s) or its clients. Read Full Disclosure

1 comments:

Anonymous said...

I came across, this, it looks much easier...

http://www.completelyprivatefiles.com/blog/...