Commit | Line | Data |
---|---|---|
a6ffc443 AE |
1 | <!DOCTYPE html> |
2 | <html lang="en"> | |
3 | <head> | |
4 | <meta http-equiv="content-type" content="text/html; charset=utf-8" /> | |
5 | <title>Email Self-Defense - a guide to fighting surveillance with GnuPG | |
6 | encryption</title> | |
7 | <meta name="keywords" content="GnuPG, GPG, openpgp, surveillance, privacy, | |
8 | email, Enigmail" /> | |
9 | <meta name="description" content="Email surveillance violates our fundamental | |
10 | rights and makes free speech risky. This guide will teach you email | |
11 | self-defense in 40 minutes with GnuPG." /> | |
12 | <meta name="viewport" content="width=device-width, initial-scale=1" /> | |
13 | <link rel="stylesheet" href="../static/css/main.css" /> | |
14 | <link rel="shortcut icon" | |
15 | href="../static/img/favicon.ico" /> | |
16 | </head> | |
17 | ||
18 | <body><iframe src="https://static.fsf.org/nosvn/banners/2021fundraiser-spring/" style="width: 100%; height: 150px; display: block; margin: 0; border: 0 none; overflow: hidden;"></iframe><div style="text-align: center; padding: 2.5px; background-color: #a94442; color:#fcf8e3;"><p>Due to Enigmail's PGP functionality being migrated into Icedove and Thunderbird, steps 2 and 3 of the guide are currently out of date.</p><p> Thank you for your patience while we're working on a new round of updates.</p></div> | |
19 | ||
20 | <!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ --> | |
21 | <header class="row" id="header"><div> | |
22 | ||
23 | <h1>Email Self-Defense</h1> | |
24 | ||
25 | <!-- Language list for browsers that do not have JS enabled --> | |
26 | <ul id="languages" class="os"> | |
27 | <!--<li><a class="current" href="/en">English - v4.0</a></li> | |
28 | <li><a href="/cs">čeština - v4.0</a></li> | |
29 | <li><a href="/de">Deutsch - v4.0</a></li> | |
30 | <li><a href="/el">ελληνικά - v3.0</a></li> | |
31 | <li><a href="/es">español - v4.0</a></li> | |
32 | <li><a href="/fa">فارسی - v4.0</a></li> | |
33 | <li><a href="/fr">français - v4.0</a></li> | |
34 | <li><a href="/it">italiano - v3.0</a></li> | |
35 | <li><a href="/ja">日本語 - v4.0</a></li> | |
36 | <li><a href="/pt-br">português do Brasil - v3.0</a></li> | |
37 | <li><a href="/ro">română - v3.0</a></li> | |
38 | <li><a href="/ru">русский - v4.0</a></li> | |
39 | <li><a href="/sq">Shqip - v4.0</a></li> | |
40 | <li><a href="/sv">svenska - v4.0</a></li> | |
41 | <li><a href="/tr">Türkçe - v4.0</a></li> | |
42 | <li><a href="/zh-hans">简体中文 - v4.0</a></li>--> | |
43 | <li><a href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide"> | |
44 | <strong><span style="color: #2F5FAA;">Translate!</span></strong></a></li> | |
45 | </ul> | |
46 | ||
47 | <ul id="menu" class="os"> | |
48 | <li class="spacer"><a href="index.html">Set up guide</a></li> | |
49 | <!--<li><a href="mac.html">Mac OS</a></li>--> | |
50 | <!--<li><a href="windows.html">Windows</a></li>--> | |
51 | <li><a href="workshops.html" class="current">Teach your friends</a></li> | |
52 | <li><a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email%20encryption%20for%20everyone%20via%20%40fsf">Share | |
53 | <img | |
54 | src="../static/img/gnu-social.png" class="share-logo" | |
55 | alt="[GNU Social]" /> | |
56 | <img | |
57 | src="../static/img/mastodon.png" class="share-logo" | |
58 | alt="[Mastodon]" /> | |
59 | <img | |
60 | src="../static/img/reddit-alien.png" class="share-logo" | |
61 | alt="[Reddit]" /> | |
62 | <img | |
63 | src="../static/img/hacker-news.png" class="share-logo" | |
64 | alt="[Hacker News]" /> | |
65 | </a></li> | |
66 | </ul> | |
67 | ||
68 | <!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ --> | |
69 | <div id="fsf-intro"> | |
70 | ||
71 | <h3><a href="https://u.fsf.org/ys"><img | |
72 | alt="Free Software Foundation" | |
73 | src="../static/img/fsf-logo.png" /> | |
74 | </a></h3> | |
75 | ||
76 | <div class="fsf-emphasis"> | |
77 | ||
78 | <p>We want to translate this guide | |
79 | into more languages, and make a version for encryption on mobile | |
80 | devices. Please donate, and help people around the world take the first | |
81 | step towards protecting their privacy with free software.</p> | |
82 | ||
83 | </div> | |
84 | ||
85 | <p><a | |
86 | href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img | |
87 | alt="Donate" | |
88 | src="../static/img/en/donate.png" /></a></p> | |
89 | ||
90 | </div><!-- End #fsf-intro --> | |
91 | ||
92 | <!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ --> | |
93 | <div class="intro"> | |
94 | ||
95 | <p><a id="infographic" | |
96 | href="https://emailselfdefense.fsf.org/en/infographic.html"><img | |
97 | src="../static/img/en/infographic-button.png" | |
98 | alt="View & share our infographic →" /></a> | |
99 | Understanding and setting up email encryption sounds like a daunting task | |
100 | to many people. That's why helping your friends with GnuPG plays such an | |
101 | important role in helping spread encryption. Even if only one person shows | |
102 | up, that's still one more person using encryption who wasn't before. You have | |
103 | the power to help your friends keep their digital love letters private, and | |
104 | teach them about the importance of free software. If you use GnuPG to send and | |
105 | receive encrypted email, you're a perfect candidate for leading a workshop!</p> | |
106 | ||
107 | </div><!-- End .intro --> | |
108 | </div></header><!-- End #header --> | |
109 | ||
110 | <!-- ~~~~~~~~~ Section 1: Get your friends or community interested ~~~~~~~~~ | |
111 | --> | |
112 | <section style="padding-top: 0px;" class="row" id="section1"> | |
113 | <div style="padding-top: 0px;"> | |
114 | ||
115 | <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ --> | |
116 | <div class="section-intro"> | |
117 | <p style="margin-top: 0px;" class="image"><img | |
118 | src="../static/img/en/screenshots/workshop-section1-update.png" | |
119 | alt="A small workshop among friends" /></p> | |
120 | <h2><em>#1</em> Get your friends or community interested </h2> | |
121 | ||
122 | <p>If you hear friends grumbling about their lack of privacy, ask them if | |
123 | they're interested in attending a workshop on Email Self-Defense. If your | |
124 | friends don't grumble about privacy, they may need some convincing. You might | |
125 | even hear the classic "if you've got nothing to hide, you've got nothing to | |
126 | fear" argument against using encryption.</p> | |
127 | ||
128 | <p>Here are some talking points you can use to help explain why it's worth | |
129 | it to learn GnuPG. Mix and match whichever you think will make sense to | |
130 | your community:</p> | |
131 | ||
132 | </div><!-- End .section-intro --> | |
133 | <div id="step-aa" class="step"> | |
134 | <div class="sidebar"> | |
135 | <!-- Workshops image commented out from here, to be used above instead. | |
136 | ||
137 | <p><img id="workshops-image" | |
138 | src="../static/img/en/screenshots/workshop-section1.png" | |
139 | alt="Workshop icon"></p>--> | |
140 | </div><!-- /.sidebar --> | |
141 | <div class="main"> | |
142 | ||
143 | <h3>Strength in numbers</h3> | |
144 | ||
145 | <p>Each person who chooses to resist mass surveillance with encryption makes | |
146 | it easier for others to resist as well. People normalizing the use of strong | |
147 | encryption has multiple powerful effects: it means those who need privacy | |
148 | the most, like potential whistle-blowers and activists, are more likely to | |
149 | learn about encryption. More people using encryption for more things also | |
150 | makes it harder for surveillance systems to single out those that can't | |
151 | afford to be found, and shows solidarity with those people.</p> | |
152 | ||
153 | </div><!-- End .main --> | |
154 | <div class="main"> | |
155 | ||
156 | <h3>People you respect may already be using encryption</h3> | |
157 | ||
158 | <p>Many journalists, whistleblowers, activists, and researchers use GnuPG, | |
159 | so your friends might unknowingly have heard of a few people who use it | |
160 | already. You can search for "BEGIN PUBLIC KEY BLOCK" + keyword to help make | |
161 | a list of people and organizations who use GnuPG whom your community will | |
162 | likely recognize.</p> | |
163 | ||
164 | </div><!-- End .main --> | |
165 | <div class="main"> | |
166 | ||
167 | <h3>Respect your friends' privacy</h3> | |
168 | ||
169 | <p>There's no objective way to judge what constitutes privacy-sensitive | |
170 | correspondence. As such, it's better not to presume that just because you | |
171 | find an email you sent to a friend innocuous, your friend (or a surveillance | |
172 | agent, for that matter!) feels the same way. Show your friends respect by | |
173 | encrypting your correspondence with them.</p> | |
174 | ||
175 | </div><!-- End .main --> | |
176 | <div class="main"> | |
177 | ||
178 | <h3>Privacy technology is normal in the physical world</h3> | |
179 | ||
180 | <p>In the physical realm, we take window blinds, envelopes, and closed doors | |
181 | for granted as ways of protecting our privacy. Why should the digital realm | |
182 | be any different?</p> | |
183 | ||
184 | </div><!-- End .main --> | |
185 | <div class="main"> | |
186 | ||
187 | <h3>We shouldn't have to trust our email providers with our privacy</h3> | |
188 | ||
189 | <p>Some email providers are very trustworthy, but many have incentives not | |
190 | to protect your privacy and security. To be empowered digital citizens, | |
191 | we need to build our own security from the bottom up.</p> | |
192 | ||
193 | </div><!-- End .main --> | |
194 | </div><!-- End #step-aa .step --> | |
195 | </div></section><!-- End #section1 --> | |
196 | ||
197 | <!-- ~~~~~~~~~ Section 2: Plan The Workshop ~~~~~~~~~ --> | |
198 | <section class="row" id="section2"><div> | |
199 | ||
200 | <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ --> | |
201 | <div class="section-intro" style="border: none; padding-bottom: 0px; | |
202 | margin-bottom: 0px;"> | |
203 | ||
204 | <h2><em>#2</em> Plan The Workshop</h2> | |
205 | ||
206 | <p>Once you've got at least one interested friend, pick a date and start | |
207 | planning out the workshop. Tell participants to bring their computer and | |
208 | ID (for signing each other's keys). If you'd like to make it easy for the | |
209 | participants to use <a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">Diceware</a> for choosing passwords, get a pack of dice | |
210 | beforehand. Make sure the location you select has an easily accessible | |
211 | Internet connection, and make backup plans in case the connection stops | |
212 | working on the day of the workshop. Libraries, coffee shops, and community | |
213 | centers make great locations. Try to get all the participants to set up | |
214 | an email client based on Thunderbird before the event. Direct them to their | |
215 | email provider's IT department or help page if they run into errors.</p> | |
216 | ||
217 | <p>Estimate that the workshop will take at least forty minutes plus ten minutes | |
218 | for each participant. Plan extra time for questions and technical glitches.</p> | |
219 | ||
220 | <p>The success of the workshop requires understanding and catering to | |
221 | the unique backgrounds and needs of each group of participants. Workshops | |
222 | should stay small, so that each participant receives more individualized | |
223 | instruction. If more than a handful of people want to participate, keep the | |
224 | facilitator to participant ratio high by recruiting more facilitators, or by | |
225 | facilitating multiple workshops. Small workshops among friends work great!</p> | |
226 | ||
227 | </div><!-- End .section-intro --> | |
228 | </div></section><!-- End #section2 --> | |
229 | ||
230 | <!-- ~~~~~~~~~ Section 3: Follow The Guide ~~~~~~~~~ --> | |
231 | <section class="row" id="section3"><div> | |
232 | ||
233 | <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ --> | |
234 | <div class="section-intro" style="border: none; padding-bottom: 0px; | |
235 | margin-bottom: 0px;"> | |
236 | ||
237 | <h2><em>#3</em> Follow the guide as a group</h2> | |
238 | ||
239 | <p>Work through the Email Self-Defense guide a step at a time as a group. Talk | |
240 | about the steps in detail, but make sure not to overload the participants | |
241 | with minutia. Pitch the bulk of your instructions to the least tech-savvy | |
242 | participants. Make sure all the participants complete each step before the | |
243 | group moves on to the next one. Consider facilitating secondary workshops | |
244 | afterwards for people that had trouble grasping the concepts, or those that | |
245 | grasped them quickly and want to learn more.</p> | |
246 | ||
247 | <p>In <a href="index.html#section2">Section 2</a> of the guide, make | |
248 | sure the participants upload their keys to the same keyserver so that | |
249 | they can immediately download each other's keys later (sometimes | |
250 | there is a delay in synchronization between keyservers). During <a | |
251 | href="index.html#section3">Section 3</a>, give the participants the option to | |
252 | send test messages to each other instead of or as well as Edward. Similarly, | |
253 | in <a href="index.html#section4">Section 4</a>, encourage the participants | |
254 | to sign each other's keys. At the end, make sure to remind people to safely | |
255 | back up their revocation certificates.</p> | |
256 | ||
257 | </div><!-- End .section-intro --> | |
258 | </div></section> | |
259 | ||
260 | <!-- ~~~~~~~~~ Section 4: Explain the pitfalls ~~~~~~~~~ --> | |
261 | <section class="row" id="section4"><div> | |
262 | ||
263 | <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ --> | |
264 | <div class="section-intro" style="border: none; padding-bottom: 0px; | |
265 | margin-bottom: 0px;"> | |
266 | ||
267 | <h2><em>#4</em> Explain the pitfalls</h2> | |
268 | ||
269 | <p>Remind participants that encryption works only when it's explicitly used; | |
270 | they won't be able to send an encrypted email to someone who hasn't already | |
271 | set up encryption. Also remind participants to double-check the encryption icon | |
272 | before hitting send, and that subjects and timestamps are never encrypted.</p> | |
273 | ||
274 | <p> Explain the <a | |
275 | href="https://www.gnu.org/proprietary/proprietary.html">dangers | |
276 | of running a proprietary system</a> and | |
277 | advocate for free software, because without it, we can't <a | |
278 | href="https://www.fsf.org/bulletin/2013/fall/how-can-free-software-protect-us-from-surveillance">meaningfully | |
279 | resist invasions of our digital privacy and autonomy</a>.</p> | |
280 | ||
281 | </div><!-- End .section-intro --> | |
282 | </div></section><!-- End #section4 --> | |
283 | ||
284 | <!-- ~~~~~~~~~ Section 5: Explain The Pitfalls ~~~~~~~~~ --> | |
285 | <section id="section5" class="row"><div> | |
286 | ||
287 | <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ --> | |
288 | <div class="section-intro" style="border: none; padding-bottom: 0px; | |
289 | margin-bottom: 0px;"> | |
290 | ||
291 | <h2><em>#5</em> Share additional resources</h2> | |
292 | ||
293 | <p>GnuPG's advanced options are far too complex to teach in a single | |
294 | workshop. If participants want to know more, point out the advanced subsections | |
295 | in the guide and consider organizing another workshop. You can also share | |
296 | <a href="https://www.gnupg.org/documentation/index.html">GnuPG's</a> | |
297 | official documentation and mailing lists, and the <a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">Email Self-Defense feedback</a> page. Many GNU/Linux distribution's Web | |
298 | sites also contain a page explaining some of GnuPG's advanced features.</p> | |
299 | ||
300 | </div><!-- End .section-intro --> | |
301 | </div></section><!-- End #section5 --> | |
302 | ||
303 | <!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ --> | |
304 | <section class="row" id="section6"><div> | |
305 | ||
306 | <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ --> | |
307 | <div class="section-intro" style="border: none; padding-bottom: 0px; | |
308 | margin-bottom: 0px;"> | |
309 | ||
310 | <h2><em>#6</em> Follow up</h2> | |
311 | ||
312 | <p>Make sure everyone has shared email addresses and public key fingerprints | |
313 | before they leave. Encourage the participants to continue to gain GnuPG | |
314 | experience by emailing each other. Send them each an encrypted email one | |
315 | week after the event, reminding them to try adding their public key ID to | |
316 | places where they publicly list their email address.</p> | |
317 | ||
318 | <p>If you have any suggestions for improving this workshop guide, please | |
319 | let us know at <a href="mailto:campaigns@fsf.org">campaigns@fsf.org</a>.</p> | |
320 | ||
321 | </div><!-- End .section-intro --> | |
322 | </div></section><!-- End #section6 --> | |
323 | <!-- ~~~~~~~~~ Footer ~~~~~~~~~ --> | |
324 | <footer class="row" id="footer"><div> | |
325 | <div id="copyright"> | |
326 | ||
327 | <h4><a href="https://u.fsf.org/ys"><img | |
328 | alt="Free Software Foundation" | |
329 | src="../static/img/fsf-logo.png" /></a></h4> | |
330 | ||
331 | <p>Copyright © 2014-2021 <a | |
332 | href="https://u.fsf.org/ys">Free Software Foundation</a>, Inc. <a | |
333 | href="https://my.fsf.org/donate/privacypolicy.html">Privacy Policy</a>. Please | |
334 | support our work by <a href="https://u.fsf.org/yr">joining us as an associate | |
335 | member.</a></p> | |
336 | ||
337 | <p>The images on this page are under a <a | |
338 | href="https://creativecommons.org/licenses/by/4.0/">Creative Commons | |
339 | Attribution 4.0 license (or later version)</a>, and the rest of it is under | |
340 | a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons | |
341 | Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a | |
342 | href="https://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz"> | |
343 | source code of Edward reply bot</a> by Andrew Engelbrecht | |
344 | <andrew@engelbrecht.io> and Josh Drake <zamnedix@gnu.org>, | |
345 | available under the GNU Affero General Public License. <a | |
346 | href="https://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these | |
347 | licenses?</a></p> | |
348 | ||
349 | <p>Fonts used in the guide & infographic: <a | |
350 | href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> by Pablo | |
351 | Impallari, <a href="https://www.google.com/fonts/specimen/Signika">Signika</a> | |
352 | by Anna Giedryś, <a | |
353 | href="https://www.google.com/fonts/specimen/Archivo+Narrow">Archivo | |
354 | Narrow</a> by Omnibus-Type, <a | |
355 | href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a> | |
356 | by Florian Cramer.</p> | |
357 | ||
358 | <p>Download the <a href="emailselfdefense_source.zip">source package</a> | |
359 | for this guide, including fonts, image source files and the text of Edward's | |
360 | messages.</p> | |
361 | ||
362 | <p>This site uses the Weblabels standard for labeling <a | |
363 | href="https://www.fsf.org/campaigns/freejs">free JavaScript</a>. View | |
364 | the JavaScript <a href="https://weblabels.fsf.org/emailselfdefense.fsf.org/" | |
365 | rel="jslicense">source code and license information</a>.</p> | |
366 | ||
367 | </div><!-- /#copyright --> | |
368 | ||
369 | <p class="credits">Infographic and guide design by <a rel="external" | |
370 | href="https://jplusplus.org"><strong>Journalism++</strong><img | |
371 | src="../static/img/jplusplus.png" | |
372 | alt="Journalism++" /></a></p><!-- /.credits --> | |
373 | </div></footer><!-- End #footer --> | |
374 | ||
375 | <script type="text/javascript" | |
376 | src="../static/js/jquery-1.11.0.min.js"></script> | |
377 | <!-- Piwik --> | |
378 | <script type="text/javascript"> | |
379 | // @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-2.0-or-later | |
380 | var _paq = _paq || []; | |
381 | _paq.push(["trackPageView"]); | |
382 | _paq.push(["enableLinkTracking"]); | |
383 | ||
384 | (function() { | |
385 | var u = (("https:" == document.location.protocol) ? "https" : "http") + "://"+"piwik.fsf.org//"; | |
386 | _paq.push(["setTrackerUrl", u+"piwik.php"]); | |
387 | _paq.push(["setSiteId", "13"]); | |
388 | var d=document, g=d.createElement("script"), s=d.getElementsByTagName("script")[0]; g.type="text/javascript"; | |
389 | g.defer=true; g.async=true; g.src=u+"piwik.js"; s.parentNode.insertBefore(g,s); | |
390 | })(); | |
391 | // @license-end | |
392 | </script> | |
393 | <!-- End Piwik Code --> | |
394 | <!-- Piwik Image Tracker --> | |
395 | <noscript><img src="https://piwik.fsf.org//piwik.php?idsite=13&rec=1" style="border:0" alt="" /></noscript> | |
396 | <!-- End Piwik --> | |
397 | </body> | |
398 | </html> |