Encrypt your emails with free software for Windows, Mac, Or Linux
Published:
By: Kevin from CipherSanctum.comWhy encrypt your emails??
Because everything in your emails is public info. Any time you send a non encrypted email: It's like a postcard for anyone with the know how to read it's contents.
- All your banking info for those convenient updates blabbing how much money you have?? Intercepted.
- Sensitive business emails to your associates?? Intercepted.
- Times and places of where you going to be, and when?? Intercepted.
- Anything personal meant for a sender and recipient only?? .... (dick pics?? love letters??) ¯\_(ツ)_/¯.... Intercepted.
Blackmail, manipulation, and stealing is easy when bad people have this sort of info on you. Imagine someone intercepted an email and found out you were rich, found out your home address from some email receipts, and you also sent out a non encrypted email to a friend that you were going to be on vacation from X to Y dates... With that, you're basically giving the criminal a timeframe to rob your house. Granted, I think most people are good and the average person is never going to have to worry about any of this, but just in case you need some extra security: I hope this blog will teach you to help mitigate these risks. Let's begin!
First, mitigate potential damage with low tech options
- Start using a PO Box for more privacy: Because when you use and ship things you bought to your home address, your personal info usually comes in an email receipt exposing all this detail. What you bought, how much it cost, where it's being shipped to, etc. Don't forget that the box is most likely sitting outside for people to steal it for hours until you get home. So pick it up at the post office. They have services that let you do this.
- Opt out of financial updates: Don't let your bank or any other financial institution send you updates on the amount you have in your accounts. No details on what you own should be visible. Since they don't encrypt their emails to you, the best defense is to opt out of their updates.
Tools of the trade: Thunderbird, GPG, PGP, and Enigmail
The following works for Windows, Mac, Linux, and any email account like Gmail, Yahoo, or your private domain.
- Thunderbird: This is an open source and very popular free email client. Download and install it, then follow the setup instructions they guide you through. It works on any OS and lets you send and receive email from any email account you have (gmail, yahoo, yourdomain, etc). You can continue to send and receive email from the browser too, but if you ever want to send and receive encrypted emails you must use this email client with the tools below, because the browser will not be able to read the encrypted emails. Rather, all you'll see is a zip file and nothing in it can be read without decrypting. But if you want to use browser only email, and have that encrypted, use ProtonMail or something similar. But beware of that because those emails are only encrypted if you're sending from a ProtonMail account to another ProtonMail account, or to someone who uses the tools below, and you have each other's private keys. For example: Someone sending from ProtonMail to my email at this site will be able to send it encrypted as long as they encrypt it with my public key, of which I have on my contact page. Otherwise everything is sent from ProtonMail is not encrypted.
- GPG, PGP, and Enigmail: These are the tools used for encryption. Here are instructions for Windows, instructions for Linux, and instructions for Mac. No reason to put the same info twice when those are good enough, so pick your OS and follow the directions.
How this works, and extra details
When writing an encrypted email to someone, you need their public key. Their public key is used to encrypt the message, and only the private key they created with it can decrypt it. Likewise with yours. So if Jane and Joe want to send encrypted messages back and forth, they must first create their own public/private keys, then give their public keys to each other. Their private keys must stay private. Joe never gives his private key away, nor does Jane. Only their public keys are public.
Now when Jane has Joe's public key, she encrypts her messages to him with HIS PUBLIC key by clicking the lock icon to the ON position in Thunderbird. When he gets it, he clicks the message, and a window prompts him for his private key's password to see the encrypted message. And when Joe wants to send an encrypted message to her, he uses HER PUBLIC key to encrypt it, and she uses her private key to decrypt it. You can also sign your messages, letting people know that you are the one who sent it. Just click the pen / signing button right next to the lock before sending your email.
Remember, PUBLIC keys are PUBLIC. You can put them anywhere for anyone to see. You can also email them to your friends to download before they say any private details. Just exchange public keys first. Though before you put it in the public, I suggest removing your email from the file name, because bots on the internet are likely to scrape that detail and start sending spam to it. And if you want to be a little more private about it and not let your public keys be TOO public for some reason: meet in person and exchange the keys with a USB drive.
If you want to try sending an encrypted email to me, go to my contact page, download my public key, and send me a message!
I hope this helps in taking back your privacy.
And if anyone needs any web apps or a web site that doesn't censor you for unpopular opinions, contact me.
--Kevin