Open Hatch

[Myeh. The Wordbook plugin copied the first draft with an innacuracy too soon at FaceBook, and I can't change it.]

I’ve become fascinated and very impressed by public-key encryption, which I’d never understood, but have now read up on at Wikipedia.

With this setup, you and you only hold a private decryption “key”. You also have a public encryption key. Anyone can encrypt anything with your public key, but anything so encrypted with your public key can only be decrypted with your private key. Your public key can therefore be completely public.

The only drawback is data duplication: if you want to send an encrypted message to many people, you have to encrypt it for each person.

But, apparently, there is no known way to crack PGP public key encryption. I’ve read that if they build largely usable quantum computers (they have done simple computations with quantum particles!), they maybe could crack it. Meanwhile, it’s invincible.

I’m paranoid that so many millions of people using public email services have all that personal data stored at servers they do not directly control, and that any insider to that server who has ill will could (maybe with effort, depending), hack into their email. If an insider hacks into it, where is your privacy? Bye-bye. (Not to mention the identity theft and fraud possibilities.) Most emails are sent completely naked hopping across so many servers anyway. Sent in plain text. Can be spied on at any server along the way. Moreover, the US Federal Government has a history of attempting to coerce service providers into leaving an open door into any user’s data, should they find cause (and how do you guarantee they won’t do that without cause – never mind without your knowledge?)

Also, if that server you can’t control goes down (and you store messages online), where is all your data? Bye-bye.

Most of what I transmit in email I wouldn’t *terribly* mind being stolen and/or lost. (Never mind that any email can be traced back to its originating location – a whole other problem – unless drastic misdirection/concealment measures are taken. If anyone with enough resources had cause to trace it back to your location, they could.)

However, when I think of emails that actually are private, yet hosted at servers not controlled be me, and crackable by any insider, and sent in plain-text to begin with – and that this is the situation for the vast majority of people’s email addresses – all that makes me squirm. It is for these reasons I consider the following tools marvelous, and their creators heroic.

1. From the creator of PGP: Why you need PGP.
2. Gpg4win, a port of GnuPGP (fully PGP compliant) to Windows. This will allow you to encrypt any data and be sure that nobody can crack it – if you’ve obliterated the pre-encryption remnants scattered on your hard drive’s unused space, that is Don’t lose your private key, or you won’t get at your own data, either.
3. FireGPG, a Mozilla Firefox plugin that uses item no. 2 to add PGP encryption/decryption facilities to the gmail web interface. Create your own PGP key pair, send the public one out, and others can send you messages and be absolutely sure that you and you only can read them. (This is of course fabulous for concealing all kinds of sins – if you’re into all that. Although there are such things as good secrets.)
4. A tutorial on how to -
5. Use this Thunderbird plugin, which also uses Pgp4win to encrypt/decrypt email – in client mail (which is my personal preference).

(I believe I read there is also a port of GnuPGP to the Mac, which would then render Firefox and Thunderbird to have the same facilities on a Mac.)

I’m frankly baffled at why none of this is part of email infrastructure to begin with. And unfortunately, while with work you can get any of the above going, it’s not necessarily easy to grasp at first. This should be built into everything with near transparency.

But all this said, if you should ever wish to send me a secret message that is absolutely un-crackable by anyone but me, here’s my public key (which I tie to my various email addresses, which you’ll be able to look up at a key-server if you install any of the above).

—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v1.4.9 (MingW32)

mQGiBEoFs+kRBACKqyOJvzuS1my2Y/hlUbx+h8OeF5rPr0oYtDFteEfS2nr5GusZ
LAPEJFQy5EskMmrZmWvmDNuToMIJub0VOIV2z35C/ObEZykm6Z256In8uRNvxnq8
76HQxPufUB5BlHJKxDFxSIxhpdKCAaNhQt6utwBX99wkLa63DsJr1OigJwCg39nd
DsB/4LLIRbjMywRb40P/jbkD/ipBSDAVzWNrK0UogkxujMnKPX9Lu1LM0TOf0iRm
zNmx9LbZ1DBgQ5R2ujl4v9a6m44WiDSwSYLrgDDb9Q2KTZAGtcRncgNfg6D3UO9i
4itf0JQLGKl5+mhNMCqHy0QvJkiEvyfxszBxdEM1KAEAhjLqKas+ZtqZ2P2zOUiV
H+V2A/0TC+DlMKcaCBjts6DZUGJbXHR530DaeAmSl62XkSFwno3P+H+jakbNhK6h
UhRbuNFA8SxrPnwVVXZBj/92QV8i/6slKFpDn/hT5NpM3228tgZ2Jho33K04Zz7w
PdGLGnlAyO+tMA7/7pVm1HMhfsdyKRJ/7UztE67DpgY409qpUbQeQWxleCBIYWxs
IDxhbGV4QG9wZW5oYXRjaC5uZXQ+iGAEExECACAFAkoPpNwCGyMGCwkIBwMCBBUC
CAMEFgIDAQIeAQIXgAAKCRDbaB12Hp2D2iNEAJ9QBnnGik00Oa0J42EIHQAFTXfk
UgCgvtgsU1g/MaWQwbv9C+XoJS7oTOi0KEFsZXggYW5kIFRpYSBIYWxsIDxhbGV4
YW5kdGlhQGdtYWlsLmNvbT6IYAQTEQIAIAUCSgWz6QIbIwYLCQgHAwIEFQIIAwQW
AgMBAh4BAheAAAoJENtoHXYenYPacC4AnRmZIU+Y4kawFNsv7HuRaJ9ttNoIAKDB
3F9KteRYxifQv0oNbG0L68MhgrQoQWxleCBIYWxsIDxuYXJmbmFyZnNpbGx5d2ls
bHlAZ21haWwuY29tPohgBBMRAgAgBQJKD6T4AhsjBgsJCAcDAgQVAggDBBYCAwEC
HgECF4AACgkQ22gddh6dg9qHygCeJp3vzziISUeRmObP6fB8rauCumYAoNgpSLZY
mXvjHJaojLa0LuGNNQ4TuQINBEoFs+kQCACYbU3FUDpgC9/gjAkyDuxARxWCuMaD
zxDowKB7lAmoruWdW0+PtF4j4MD7ODobROxGwhOXgDQ2IxpFiZCzWnzPHQOgW3yn
Rxwr7gYLucEA6XKRrIEGta7X9UuBrG0oa7/CCYvngjRfRtvDxc0J64cg/GyfxJdr
nyasqm6JcYNKfkCNejP/LLOAUWcIGAXP55sC46IeMK7HhHHEQuEvxzn575bXMlFJ
elix7Fod9jy/latBqtrEZrtYwWTV0NLGGWJFc9Y4ew15gEENhuCA1d1w17mwQPgp
FQNpss6uzuwmi2bJ7YewqJjkxgl8cFwjFW4iDJzNuwl6mgKRjPoQKotfAAMFCACJ
KrZSOX5Pjm3BHENX0S9bGO8VZjivt6dD3GRJXTznYrdnw6XG7nXJvzuSvEkduGUz
4jf4eINeR6OXcUiv8u7+cP0DZxjXMI2x7Hy1metGdBMIuKlArFlyBOzdCD7LoLPT
sCx6X109L2i9LJFPOux80b2ttIqhgOm75RHA8Mk0gtUYtrsefgQUZS7UInXeQYfm
ydUMFjHNimZT6lw0i3nP245JtBoF8Jre5R9tKMRbT7Tiv0Zbgt1UikNvVxYazvLY
mnetyDdmg7vU1CXQfZwBIUKFf4W/qgc415pMJM5924VdXs97q+cjI25ZC+d8HIZF
uwaWkrrOfPqfBFXU7u6piEkEGBECAAkFAkoFs+kCGwwACgkQ22gddh6dg9rX6ACf
fEoVBIQ5ugUJ1FmiXeoJyfvKX80AoICOUXwOf/MRL3dufYAgHappGrRr
=494Z
—–END PGP PUBLIC KEY BLOCK—–