PGP/GPG for GMail
My buddy Zep found a cool tool that integrates FireGPG seamlessly with Gmail and posted a great description on his blog. As if there weren’t enough reasons to move your personal account to Gmail, for many of us this is something we’ve been clamoring for for awhile. In an age where identity theft is an everyday occurrence there’s no reason not to encrypt your email. Personally, I send most client correspondence encrypted for obvious privacy reasons.
I’m really impressed how easy it is to use. There’s a dashboard with a Gmail tab that’s pretty much idiot-proof. I say that with a smirk, but it’s important. If only us geeks use it then there’s not much to be gained. We probably would have found another method anyway. The beauty of this solution is in its simplicity and ease of use.
It’s a Firefox extension and pushes itself right into Gmail. I wish they’d make a solution for IE7 as well since for better or worse it’s still the de facto standard web browser. You’ll note I said it’s a firefox extension. It’s not a key manager. For that you’ll need to download GNUPG or my preference, GPG4Win which also has a file encryption plugin GPGee and an Outlook 2003 plugin, GPGol.
Although I haven’t tested it, I’d guess this will work Google Apps hosted mail as well. That makes it an ideal solution for small business users that don’t have, or want, in house encryption expertise or to bring in expensive consultants.
What are you waiting for? All the tools are free and available with 2-3 quick downloads. I’ve walked a few very non-technical clients through this process already so if you have any questions please leave a comment or contact me directly.
8 Comments »
Leave a comment
-
Subscribe via RSS or email
My Twitter Stream- alexlewis: Wow... Darwinism on the 4th of July http://is.gd/1p0Cq Fireworks gone bad. July 6, 2009
- alexlewis: @_S_A_R_A_H_ So it wasn't a joke? Carter's really not coming back? :( July 6, 2009
- alexlewis: @Foodimentary warmer than what?? July 6, 2009
- alexlewis: RT @NET4UC: Dubai Executive Council deploys #unified communications with #OCS http://www.ameinfo.com/201831.html July 6, 2009
- alexlewis: @neutraldivegear I guess the upside is PADI is a LOT more convenient for most. Only one TDI shop in all of the bay area, NorCal #scuba July 6, 2009
-
Archives
- April 2009 (1)
- June 2008 (5)
- May 2008 (28)
- April 2008 (6)
-
Categories
-
RSS
Entries RSS
Comments RSS
I agree that privacy is important in email. However, there are troubles with encryption:
1. My friends think it is dorky.
2. The govenment does not like it. In fact, it gets their attention which is not good. I don’t want to look like I am hiding anything. Therefore, agent #7, it is OK to read all my email. Hell, I’LL foreward them to you as I HAVE NOTHING TO HIDE. In fact, I hate all terrorists whoever they are. If new people are named terrorists, I hate them all ready, whoever they decide. Nepal, Bhutan, whatever. If they named me a terrorist–which they won’t–I’d hate myself.
3. The NSA has probably all ready cracked it.
4. My friends think it’s dorky.
Other than that, I’d gladly use it. I don’t think what I tell my wife is anyone’s business. But encryption is looked down upon by everyone but us geeks.
I know email is insecure, in fact, I kind of want to put all my emails online somehow, automatically. Therefore, when I write email, I’ll be more careful. However, I feel that this might break some kind of wiretapping law.
Anyway, I hope you and agent #7 have a nice day.
Good point Leroy. As the Internet becomes easier and easier to use so do previously “geek only” tools. I remember the days when only “nerds” had analog “phone handset on top” modems and dialed into Woz’s BBS. Now almost everyone has a computer and access to the internet. Tools like FireGPG make something previously complex vey simple. I believe it’s that kind of thinking that drives innovation in the modern ‘Net world.
just because someone can (someone read as NSA or any other TLA .gov peoples) do something doesn’t mean that [they should|it should be tolerated], IMHO.
and having nothing to hide doesn’t mean that you don’t still want to be able to be sure what your sending doesn’t get copied or possibly modified along the way (signatures are great).
whoa. I just got this as an ad in gmail:
Google Email Encryption – http://www.google.com/a/security – Solve your business security issues by encrypting emails.
how amusing. and they charge for it. fun.
Always remember, your PGP key is as strong as your password is. The NSA can crack passwords like “123456″ i a few seconds.
….and…GNUPG rocks!
Since we seem to be on the thread of NSA/FBI interception, I thought I’d mention that just because you use p/gpg on an email doesn’t mean it’s completely safe from eavesdropping. granted mail servers are many and that’s one of the easier places for things to be intercepted; but if you read an encrypted email in gmail like this, you are sending unencrypted data from gmail servers (Santa Clara, maybe? probably right off amphitheater drive, actually) all the way through the net to your home machine through to the browser. So if you really wanna be secret & secure, you still need to pull the fully encrypted message to your (secured) home box and do the decryption there.
sorry for comment spam
[...] that comparatively I like firefox addons for gmail, free POP3 forwarding, filters, color labeling, encryption and google [...]
Pingback by Email safe and easy | Learn fast, easy and with fun | June 13, 2008 |
“but if you read an encrypted email in gmail like this, you are sending unencrypted data from gmail servers (Santa Clara, maybe? probably right off amphitheater drive, actually) all the way through the net to your home machine through to the browser.”
uhh, like.. isn’t the point of installing this firefox extension so it can do the encryption/decryption at your end? what are you talking about “gmail sends plaintext back to your pc from santa clara?” gmail never sees your private key, and it never sees anything but an encrypted message… so how does it get plaintext?
and as far as the NSA paranoia is concerned, well.. it’s valid I guess *if you’re trying to hide your email from the NSA.*
I’m not.
I’m trying to secure it from identity thieves and lesser, albeit malicious, entities than the NSA.
Leroy: is having your friends perceive you as “dorky” of greater concern to you than your privacy and your identity?
Encryption is not “looked down upon by everyone except geeks.” It may be in your world, but this is the first I heard of it.
And encryption is not just used by people who have some “secret” to hide as you’ve implied. In fact it’s used probably a lot more than you know. If you think the NSA is looking into everyone who’s sending around encrypted messages then you’re naive.