Computer/Internet Issues & Troubleshooting Anyone with questions about the terribly complex world of computers or the internet should try here. NOT FOR REPORTING ISSUES WITH PPRuNe FORUMS! Please use the subforum "PPRuNe Problems or Queries."

Encrypting emails

Old 30th Dec 2019, 23:25
  #1 (permalink)  
Thread Starter
 
Join Date: Apr 2008
Location: Out in the sticks in DE56
Age: 82
Posts: 553
Encrypting emails

I use Thunderbird as my email client, and v. good and stable it has proved over the years. Just had an email from them doing a bit of trumpet-blowing and telling of enhancements coming in 2020, including
  • New Address Book
  • Enhancements to Calendar
  • A Better Dark Mode
  • Built-in Encrypted Email Support
and that got me thinking: how useful would encryption be to the average punter like me? I don't use an online banking app, and ignore phishing - or at least I've managed to do so, so far! If I do need to discuss others' secrets (still do some times) it's nearly always word-of-mouth, or tracked postage, never email.
But suppose I decided to start encrypting the odd stuff... presumably this means that my communicat-ee would also have to have the same package and key? Is this how it works? And would my package work with others out there?
Where could I start doing a bit of research - in addition to anything I find within these hallowed walls, that is
And would it be worth it in the end?
jimtherev is offline  
Old 31st Dec 2019, 00:05
  #2 (permalink)  
Moderator
 
Join Date: Sep 2003
Location: Twickenham, home of rugby
Posts: 6,656
JTR,

There's an excellent description here of how it works: https://blog.mailfence.com/end-to-end-email-encryption/

SD
Saab Dastard is offline  
Old 31st Dec 2019, 05:40
  #3 (permalink)  
 
Join Date: Sep 2019
Location: leftcoast
Posts: 3
careful of this link because . . .

Originally Posted by Saab Dastard View Post
JTR,

There's an excellent description here of how it works: https://blog.mailfence.com/end-to-end-email-encryption/

SD

Suggest you be careful of the link posted above here is why




and check your email at this site

https://haveibeenpwned.com

if it shows up- the best one can do is change password two or three times within about a week

and lie a bit re names of pets, family, birthdate, etc for non critical items when you set up security questions
Attached Files
File Type: pdf
careful of this link.pdf (36.8 KB, 11 views)
File Type: pdf
careful of this site .pdf (38.8 KB, 6 views)

Last edited by Grebe; 31st Dec 2019 at 05:41. Reason: clarity
Grebe is offline  
Old 31st Dec 2019, 08:45
  #4 (permalink)  
 
Join Date: Oct 2018
Location: Ferrara
Posts: 2,146
I can't think of a method more likely to attract what my Russian colleagues call "The Organs of the State" than sending encrypted emails TBH - they almost certainly have a filter at GCHQ to pick them up ASAP

That's NOT a list I would want to be on, personally..............


PS I Send anything "secret" after a dozen pictures of cats...............

Last edited by Asturias56; 31st Dec 2019 at 12:46.
Asturias56 is online now  
Old 31st Dec 2019, 09:30
  #5 (permalink)  
 
Join Date: Dec 2019
Location: Canterbury, Kent
Posts: 7
Completely useless unless you have PI in your emails that would require encryption. And then you can just use something like openPGP.
ben645 is offline  
Old 31st Dec 2019, 18:24
  #6 (permalink)  
Moderator
 
Join Date: Sep 2003
Location: Twickenham, home of rugby
Posts: 6,656
Grebe, there's no problem with the certificate for the link I posted.
The screenshots you posted suggest that your browser doesn't recognise Gandi as a legitimate CA, which it is. I'm using Firefox 71.0, and there's no indication of anything amiss with the certificate.

SD
Saab Dastard is offline  
Old 1st Jan 2020, 17:21
  #7 (permalink)  
 
Join Date: Jan 2008
Location: US/EU
Posts: 694
Not unusual for journalists to employ this. If I had to, which I don't, I'd probably look at Proton Mail, sort of an encrypted version of Gmail, web-based, no local client necessary. All you need is a browser. Then there are the tin foil hat wearers....
Mark in CA is offline  
Old 2nd Jan 2020, 01:01
  #8 (permalink)  
 
Join Date: Mar 2010
Location: In the twilight zone
Posts: 252
Originally Posted by Mark in CA View Post
Not unusual for journalists to employ this. If I had to, which I don't, I'd probably look at Proton Mail, sort of an encrypted version of Gmail, web-based, no local client necessary. All you need is a browser. Then there are the tin foil hat wearers....
But you need the other party to use Proton Mail, don't you? I have a Proton account, but hardly use it because no other people that I communicate to use it.
The Range is offline  
Old 2nd Jan 2020, 20:29
  #9 (permalink)  
 
Join Date: Sep 2019
Location: leftcoast
Posts: 3
Originally Posted by Saab Dastard View Post
Grebe, there's no problem with the certificate for the link I posted.
The screenshots you posted suggest that your browser doesn't recognise Gandi as a legitimate CA, which it is. I'm using Firefox 71.0, and there's no indication of anything amiss with the certificate.

SD
Thanks- for some reason the Safari browser didn't like- but i changed to firefox latest version and no problem. Took a while to untangle whagt with new year and using NordVPN due to local issues with wi-fi I found incorrectly setup

G
Grebe is offline  
Old 2nd Jan 2020, 21:08
  #10 (permalink)  
 
Join Date: Jul 2002
Location: 40N, 80W
Posts: 233
Originally Posted by The Range View Post
But you need the other party to use Proton Mail, don't you? I have a Proton account, but hardly use it because no other people that I communicate to use it.
Same here. I also have Proton Mail, but have only managed to use it with one correspondent.

At the same time, I sometimes wonder how many of these encryption systems are actually written with back-doors by security organizations. TED talks recommending them make me doublely suspicious.

Isnít the Apple mail system already end-to-end encrypted?
PickyPerkins is offline  
Old 2nd Jan 2020, 22:56
  #11 (permalink)  
Moderator
 
Join Date: Sep 2003
Location: Twickenham, home of rugby
Posts: 6,656
Where you are using a client to communicate (send / receive) with your mail server and as long as you are communicating over https (webmail) or secure SMTP / POP3 / IMAP (thick client) then the email is encrypted in transit. Assumming that communication between your mail server and the target mail server is also encrypted, as is the communication between the target mail server and the final recipient, then the email is effectively encrypted in transit over the internet. However, the contents of the email are probably not encrypted on the mail servers themselves, so possibly vulnerable to access by 3rd parties (whether by hackers or government / security agencies).

If you use an encrypted email system, then the content is encrypted at all times (doubly so in transit), so it is only accessible by the sender and the recipient with the correct encryption key. In theory, PKI should be an open standard, so that as long as the sender has the recipient's public key they should be able to send an encrypted message to the recipient who decrypts it with their private key. However, in practice it is a lot harder to get interoperability unless both parties are using the same email system.
Saab Dastard is offline  

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread

Contact Us - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service - Do Not Sell My Personal Information -

Copyright © 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.