Encrypting emails
I use Thunderbird as my email client, and v. good and stable it has proved over the years. Just had an email from them doing a bit of trumpet-blowing and telling of enhancements coming in 2020, including
and that got me thinking: how useful would encryption be to the average punter like me? I don't use an online banking app, and ignore phishing - or at least I've managed to do so, so far! If I do need to discuss others' secrets (still do some times) it's nearly always word-of-mouth, or tracked postage, never email. But suppose I decided to start encrypting the odd stuff... presumably this means that my communicat-ee would also have to have the same package and key? Is this how it works? And would my package work with others out there? Where could I start doing a bit of research - in addition to anything I find within these hallowed walls, that is And would it be worth it in the end? |
JTR,
There's an excellent description here of how it works: https://blog.mailfence.com/end-to-end-email-encryption/ SD |
careful of this link because . . .
6 Attachment(s)
Originally Posted by Saab Dastard
(Post 10650599)
JTR,
There's an excellent description here of how it works: https://blog.mailfence.com/end-to-end-email-encryption/ SD Suggest you be careful of the link posted above here is why and check your email at this site https://haveibeenpwned.com if it shows up- the best one can do is change password two or three times within about a week and lie a bit re names of pets, family, birthdate, etc for non critical items when you set up security questions |
I can't think of a method more likely to attract what my Russian colleagues call "The Organs of the State" than sending encrypted emails TBH - they almost certainly have a filter at GCHQ to pick them up ASAP
That's NOT a list I would want to be on, personally.............. PS I Send anything "secret" after a dozen pictures of cats............... |
Completely useless unless you have PI in your emails that would require encryption. And then you can just use something like openPGP.
|
Grebe, there's no problem with the certificate for the link I posted.
The screenshots you posted suggest that your browser doesn't recognise Gandi as a legitimate CA, which it is. I'm using Firefox 71.0, and there's no indication of anything amiss with the certificate. SD |
Not unusual for journalists to employ this. If I had to, which I don't, I'd probably look at Proton Mail, sort of an encrypted version of Gmail, web-based, no local client necessary. All you need is a browser. Then there are the tin foil hat wearers....
|
Originally Posted by Mark in CA
(Post 10651577)
Not unusual for journalists to employ this. If I had to, which I don't, I'd probably look at Proton Mail, sort of an encrypted version of Gmail, web-based, no local client necessary. All you need is a browser. Then there are the tin foil hat wearers....
|
Originally Posted by Saab Dastard
(Post 10651107)
Grebe, there's no problem with the certificate for the link I posted.
The screenshots you posted suggest that your browser doesn't recognise Gandi as a legitimate CA, which it is. I'm using Firefox 71.0, and there's no indication of anything amiss with the certificate. SD G |
Originally Posted by The Range
(Post 10651790)
But you need the other party to use Proton Mail, don't you? I have a Proton account, but hardly use it because no other people that I communicate to use it.
At the same time, I sometimes wonder how many of these encryption systems are actually written with back-doors by security organizations. TED talks recommending them make me doublely suspicious. Isn’t the Apple mail system already end-to-end encrypted? |
Where you are using a client to communicate (send / receive) with your mail server and as long as you are communicating over https (webmail) or secure SMTP / POP3 / IMAP (thick client) then the email is encrypted in transit. Assumming that communication between your mail server and the target mail server is also encrypted, as is the communication between the target mail server and the final recipient, then the email is effectively encrypted in transit over the internet. However, the contents of the email are probably not encrypted on the mail servers themselves, so possibly vulnerable to access by 3rd parties (whether by hackers or government / security agencies).
If you use an encrypted email system, then the content is encrypted at all times (doubly so in transit), so it is only accessible by the sender and the recipient with the correct encryption key. In theory, PKI should be an open standard, so that as long as the sender has the recipient's public key they should be able to send an encrypted message to the recipient who decrypts it with their private key. However, in practice it is a lot harder to get interoperability unless both parties are using the same email system. |
All times are GMT. The time now is 12:39. |
Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.