[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Encrypted e-mails?

Hash: SHA256

Torben Schou Jensen wrote:
> [...]
> But it is still very common to send unencrypted e-mails, open post cards.
> So why not use OpenPGP to encrypt e-mails, it is free, I am trying to find
> out how to?

Thunderbird, plus enigmail (plus gpg, obviously ;) ).

> With OpenPGP you create a personal keypair, a secret and public key.
> You send public key to friends, and they can encrypt e-mails to you, but
> only you can open with secret key.

> My primary e-mail is based on webmail with SquirrelMail on own private web
> server.
> A plugin named G/PGP Encryption is available, but not updated since 2007.
> Written in PHP, interfacing with GnuPG, I found that it not work on Debian
> Stable Linux and PHP 7.0.
> But after hunting bugs, I have been able to fix it to send encrypted
> e-mails between users within my server, not perfect, but working.
> Now thinking about coding a new plugin.

Issue was probably mainly centered around assumptions of GPG 1.x, huh?
Good deal that you got it working :)

> In case I get it working, then I need friends outside my server to use
> OpenPGP also.

Or at least PGP/GPG compliant software of their chosing.

> To my knowledge it is not available very many places.
> You normally get free e-mail without encryption, without encryption easier
> for microsoft or google to look in your e-mails.
> A week ago I got mail from google, that they now automatic add
> appointments from my google e-mail to my google calendar.
> I had then received copy of a hotel reservation from a friend, and
> suddenly google added this as my hotel reservation.
> So google in fact monitor my e-mails, scary, but not easy to have Android
> smartphone without google account.

Well, you do kind of allow it by virtue of using their service.  I mean,
sure it's a message "destined(tm)" for you, but it's on *their* servers.
Same kind of "invasion of privacy(tm)" happens in most office
environments -- all the emails that you send/receive are subject to
being read by your IT department if required.

> With https://protonmail.com/ we have webmail with focus on encrypted
> e-mails, but it require your friends also have account there to make full
> use of it.

Meh, never bothered with their service, pgp is easy enough; even through
google, etc.

> We try to be secure on Internet, but still not easy to use secure
> e-mails???

Mostly because people don't care.  They see "mail" in the name, and
think it's exactly like reglar mail and no one but the intended
recipient is allowed to look at it.



|_|O|_| Registered Linux user #585947
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Reply to: