Archive for the ‘Encryption’ Category

Once you’ve recognized the importance of encrypting your Internet communications, the next step, of course, is to figure out how you plan to do this.

As with anything you intend to incorporate into your daily lifestyle, it’s important that you make a few key decisions up front, before you’re too committed to a particular approach. It’s also quite important that you find a relatively painless way to implement your plan: if it takes too much manual work, you’re not likely to do it all the time.

You Can’t Do It Alone

Encryption is about communication, and communication implies at least two parties. Whichever approach you settle upon for your day-to-day encryption, you will have to consider those with whom you will be communicating the most. This means you’ll want to select a technology that most of your friends and family will have readily available to them, as well. For example, if you wish to communicate with me, you will want to select an OpenPGP compatible solution, as I primarily use PGP Desktop Home for my regular correspondence.

X.509 Certificates

The easiest solution, though also the most expensive, is to purchase a client certificate from a trusted certificate authority, and install it into your favorite email client. There are a handful of certificate authorities which issue free certificates (albeit with no personally identifying information), but most of these are untrusted by the major operating systems. I’m aware of only one free certificate that is trusted by all the major operating systems, www.startssl.com.

As a software developer, I have used digital certificates in quite a few of my corporate software solutions, but I prefer to avoid the hassle and expense of paying for my certificates every year, for my personal use.

OpenPGP Keys

Back in 1991, Phil Zimmermann created the first “Pretty Good Privacy” (PGP) program, to enable political activists to secure their online communications. He released the source code into the public domain, because he felt that encryption technology was something that average people should have access to, not just corporate and government developers.

This is the approach I have settled on, for my own personal correspondence. While the technology is often a little bit more finicky to get working, because it’s mostly open source software, it’s the most popular protocol amongst non-governmental types, and there are quite a few innovative solutions based on it (such as encrypting instant messaging conversations and VOIP telephone calls).

My Current Implementation

At the moment, I am using Microsoft Outlook 2010 Beta 2, as my primary email client, and PGP Desktop Home v9.10.

I won’t go through a step-by-step installation guide, as whatever software you select will already have such. In my case, PGP Desktop was an ideal solution because, though it cost me $99 to purchase a license, it uses a client-agnostic proxy that filters my incoming and outgoing email traffic. It also intercepts AOL Instant Messenger (AIM) traffic and encrypts it, as well!

If you are using Outlook 2003 or 2007, there is an open source plugin called GpgOl that is available, as part of an overall Windows-oriented package of GPG (open source version of PGP) tools called Gpg4Win. As of today, I have been unable to get GpgOl to work in Outlook 2010, though I’ve seen a few comments on the support forum by folks who claim to have made it work. I’m thinking, maybe, they had it installed before they upgraded Outlook 2007 to Outlook 2010.

While I was investigating software implementations of PGP for Windows, I also came across a product called cGeep that looked very promising. It also uses the Outlook plugin approach, though, so I decided to go ahead and pay a little more to get PGP’s proxy, so I could know it will work with the cutting edge, beta software that I often run.

What Are You Waiting For?

If you value your privacy and individual liberties at all, I strongly encourage you to invest an hour or two setting up an encryption system on your computer. If you need any technical assistance, I can’t promise to be an expert, but I’d be happy to assist however I can.