4 <meta http-equiv=
"content-type" content=
"text/html; charset=utf-8" />
5 <title>Email Self-Defense - a guide to fighting surveillance with GnuPG
7 <meta name=
"keywords" content=
"GnuPG, GPG, openpgp, surveillance, privacy,
9 <meta name=
"description" content=
"Email surveillance violates our fundamental
10 rights and makes free speech risky. This guide will teach you email
11 self-defense in 40 minutes with GnuPG." />
12 <meta name=
"viewport" content=
"width=device-width, initial-scale=1" />
13 <link rel=
"stylesheet" href=
"//static.fsf.org/nosvn/enc-dev0/css/main.css" />
14 <link rel=
"shortcut icon"
15 href=
"//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
20 <!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ -->
21 <header class=
"row" id=
"header"><div>
23 <h1>Email Self-Defense
</h1>
25 <!-- Language list for browsers that do not have JS enabled -->
26 <ul id=
"languages" class=
"os">
27 <li><a class=
"current" href=
"/en">English - v4.0
</a></li>
28 <li><a href=
"/ar">العربية
<span class=
"tip">tip
</span></a></li>
29 <li><a href=
"/cs">čeština - v4.0
</a></li>
30 <li><a href=
"/de">Deutsch - v4.0
</a></li>
31 <li><a href=
"/el">ελληνικά - v3.0
</a></li>
32 <li><a href=
"/es">español - v4.0
</a></li>
33 <li><a href=
"/fa">فارسی - v4.0
</a></li>
34 <li><a href=
"/fr">français - v4.0
</a></li>
35 <li><a href=
"/it">italiano - v3.0
</a></li>
36 <li><a href=
"/ja">日本語 - v4.0
</a></li>
37 <li><a href=
"/ko">한국어
<span class=
"tip">tip
</span></a></li>
38 <li><a href=
"/ml">മലയാളം
<span class=
"tip">tip
</span></a></li>
39 <li><a href=
"/pt-br">português do Brasil - v3.0
</a></li>
40 <li><a href=
"/ro">română - v3.0
</a></li>
41 <li><a href=
"/ru">русский - v4.0
</a></li>
42 <li><a href=
"/sq">Shqip - v4.0
</a></li>
43 <li><a href=
"/sv">svenska - v4.0
</a></li>
44 <li><a href=
"/tr">Türkçe - v4.0
</a></li>
45 <li><a href=
"/zh-hans">简体中文 - v4.0
</a></li>
46 <li><a href=
"https://libreplanet.org/wiki/GPG_guide/Translation_Guide">
47 <strong><span style=
"color: #2F5FAA;">Translate!
</span></strong></a></li>
50 <ul id=
"menu" class=
"os">
51 <li class=
"spacer"><a href=
"index.html">GNU/Linux
</a></li>
52 <li><a href=
"mac.html">Mac OS
</a></li>
53 <li><a href=
"windows.html">Windows
</a></li>
54 <li><a href=
"workshops.html" class=
"current">Teach your friends
</a></li>
55 <li><a href=
"https://fsf.org/share?u=https://u.fsf.org/zb&t=Email
56 encryption for everyone via %40fsf">Share
58 src=
"//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png" class=
"share-logo"
59 alt=
"[GNU Social]" />
61 src=
"//static.fsf.org/nosvn/enc-dev0/img/mastodon.png" class=
"share-logo"
62 alt=
"[Mastodon]" />
64 src=
"//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png" class=
"share-logo"
65 alt=
"[Reddit]" />
67 src=
"//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png" class=
"share-logo"
68 alt=
"[Hacker News]" />
72 <!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ -->
75 <h3><a href=
"http://u.fsf.org/ys"><img
76 alt=
"Free Software Foundation"
77 src=
"//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" />
80 <div class=
"fsf-emphasis">
82 <p>We want to translate this guide
83 into more languages, and make a version for encryption on mobile
84 devices. Please donate, and help people around the world take the first
85 step towards protecting their privacy with free software.
</p>
90 href=
"https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img
92 src=
"//static.fsf.org/nosvn/enc-dev0/img/en/donate.png" /></a></p>
94 </div><!-- End #fsf-intro -->
96 <!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
99 <p><a id=
"infographic"
100 href=
"https://emailselfdefense.fsf.org/en/infographic.html"><img
101 src=
"//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png"
102 alt=
"View & share our infographic →" /></a>
103 Understanding and setting up email encryption sounds like a daunting task
104 to many people. That's why helping your friends with GnuPG plays such an
105 important role in helping spread encryption. Even if only one person shows
106 up, that's still one more person using encryption who wasn't before. You have
107 the power to help your friends keep their digital love letters private, and
108 teach them about the importance of free software. If you use GnuPG to send and
109 receive encrypted email, you're a perfect candidate for leading a workshop!
</p>
111 </div><!-- End .intro -->
112 </div></header><!-- End #header -->
114 <!-- ~~~~~~~~~ Section 1: Get your friends or community interested ~~~~~~~~~
116 <section style=
"padding-top: 0px;" class=
"row" id=
"section1">
117 <div style=
"padding-top: 0px;">
119 <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
120 <div class=
"section-intro">
122 <p style=
"margin-top: 0px;" class=
"image"><img
123 src=
"//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/workshop-section1.png"
124 alt=
"A small workshop among friends" /></p>
126 <h2><em>#
1</em> Get your friends or community interested
</h2>
128 <p>If you hear friends grumbling about their lack of privacy, ask them if
129 they're interested in attending a workshop on Email Self-Defense. If your
130 friends don't grumble about privacy, they may need some convincing. You might
131 even hear the classic
"if you've got nothing to hide, you've got nothing to
132 fear" argument against using encryption.
</p>
134 <p>Here are some talking points you can use to help explain why it's worth
135 it to learn GnuPG. Mix and match whichever you think will make sense to
138 </div><!-- End .section-intro -->
139 <div id=
"step-aa" class=
"step">
140 <div class=
"sidebar">
141 <!-- Workshops image commented out from here, to be used above instead.
143 <p><img id="workshops-image"
144 src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/workshop-section1.png"
145 alt="Workshop icon"></p>-->
146 </div><!-- /.sidebar -->
149 <h3>Strength in numbers
</h3>
151 <p>Each person who chooses to resist mass surveillance with encryption makes
152 it easier for others to resist as well. People normalizing the use of strong
153 encryption has multiple powerful effects: it means those who need privacy
154 the most, like potential whistle-blowers and activists, are more likely to
155 learn about encryption. More people using encryption for more things also
156 makes it harder for surveillance systems to single out those that can't
157 afford to be found, and shows solidarity with those people.
</p>
159 </div><!-- End .main -->
162 <h3>People you respect may already be using encryption
</h3>
164 <p>Many journalists, whistleblowers, activists, and researchers use GnuPG,
165 so your friends might unknowingly have heard of a few people who use it
166 already. You can search for
"BEGIN PUBLIC KEY BLOCK" + keyword to help make
167 a list of people and organizations who use GnuPG whom your community will
168 likely recognize.
</p>
170 </div><!-- End .main -->
173 <h3>Respect your friends' privacy
</h3>
175 <p>There's no objective way to judge what constitutes privacy-sensitive
176 correspondence. As such, it's better not to presume that just because you
177 find an email you sent to a friend innocuous, your friend (or a surveillance
178 agent, for that matter!) feels the same way. Show your friends respect by
179 encrypting your correspondence with them.
</p>
181 </div><!-- End .main -->
184 <h3>Privacy technology is normal in the physical world
</h3>
186 <p>In the physical realm, we take window blinds, envelopes, and closed doors
187 for granted as ways of protecting our privacy. Why should the digital realm
188 be any different?
</p>
190 </div><!-- End .main -->
193 <h3>We shouldn't have to trust our email providers with our privacy
</h3>
195 <p>Some email providers are very trustworthy, but many have incentives not
196 to protect your privacy and security. To be empowered digital citizens,
197 we need to build our own security from the bottom up.
</p>
199 </div><!-- End .main -->
200 </div><!-- End #step-aa .step -->
201 </div></section><!-- End #section1 -->
203 <!-- ~~~~~~~~~ Section 2: Plan The Workshop ~~~~~~~~~ -->
204 <section class=
"row" id=
"section2"><div>
206 <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
207 <div class=
"section-intro" style=
"border: none; padding-bottom: 0px;
208 margin-bottom: 0px;">
210 <h2><em>#
2</em> Plan The Workshop
</h2>
212 <p>Once you've got at least one interested friend, pick a date and start
213 planning out the workshop. Tell participants to bring their computer and
214 ID (for signing each other's keys). If you'd like to make it easy for the
215 participants to use Diceware for choosing passwords, get a pack of dice
216 beforehand. Make sure the location you select has an easily accessible
217 Internet connection, and make backup plans in case the connection stops
218 working on the day of the workshop. Libraries, coffee shops, and community
219 centers make great locations. Try to get all the participants to set up
220 an Enigmail-compatible email client before the event. Direct them to their
221 email provider's IT department or help page if they run into errors.
</p>
223 <p>Estimate that the workshop will take at least forty minutes plus ten minutes
224 for each participant. Plan extra time for questions and technical glitches.
</p>
226 <p>The success of the workshop requires understanding and catering to
227 the unique backgrounds and needs of each group of participants. Workshops
228 should stay small, so that each participant receives more individualized
229 instruction. If more than a handful of people want to participate, keep the
230 facilitator to participant ratio high by recruiting more facilitators, or by
231 facilitating multiple workshops. Small workshops among friends work great!
</p>
233 </div><!-- End .section-intro -->
234 </div></section><!-- End #section2 -->
236 <!-- ~~~~~~~~~ Section 3: Follow The Guide ~~~~~~~~~ -->
237 <section class=
"row" id=
"section3"><div>
239 <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
240 <div class=
"section-intro" style=
"border: none; padding-bottom: 0px;
241 margin-bottom: 0px;">
243 <h2><em>#
3</em> Follow the guide as a group
</h2>
245 <p>Work through the Email Self-Defense guide a step at a time as a group. Talk
246 about the steps in detail, but make sure not to overload the participants
247 with minutia. Pitch the bulk of your instructions to the least tech-savvy
248 participants. Make sure all the participants complete each step before the
249 group moves on to the next one. Consider facilitating secondary workshops
250 afterwards for people that had trouble grasping the concepts, or those that
251 grasped them quickly and want to learn more.
</p>
253 <p>In
<a href=
"index.html#section2">Section
2</a> of the guide, make
254 sure the participants upload their keys to the same keyserver so that
255 they can immediately download each other's keys later (sometimes
256 there is a delay in synchronization between keyservers). During
<a
257 href=
"index.html#section3">Section
3</a>, give the participants the option to
258 send test messages to each other instead of or as well as Edward. Similarly,
259 in
<a href=
"index.html#section4">Section
4</a>, encourage the participants
260 to sign each other's keys. At the end, make sure to remind people to safely
261 back up their revocation certificates.
</p>
263 </div><!-- End .section-intro -->
266 <!-- ~~~~~~~~~ Section 4: Explain the pitfalls ~~~~~~~~~ -->
267 <section class=
"row" id=
"section4"><div>
269 <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
270 <div class=
"section-intro" style=
"border: none; padding-bottom: 0px;
271 margin-bottom: 0px;">
273 <h2><em>#
4</em> Explain the pitfalls
</h2>
275 <p>Remind participants that encryption works only when it's explicitly used;
276 they won't be able to send an encrypted email to someone who hasn't already
277 set up encryption. Also remind participants to double-check the encryption icon
278 before hitting send, and that subjects and timestamps are never encrypted.
</p>
281 href=
"https://www.gnu.org/proprietary/proprietary.html">dangers
282 of running a proprietary system
</a> and
283 advocate for free software, because without it, we can't
<a
284 href=
"https://www.fsf.org/bulletin/2013/fall/how-can-free-software-protect-us-from-surveillance">meaningfully
285 resist invasions of our digital privacy and autonomy
</a>.
</p>
287 </div><!-- End .section-intro -->
288 </div></section><!-- End #section4 -->
290 <!-- ~~~~~~~~~ Section 5: Explain The Pitfalls ~~~~~~~~~ -->
291 <section id=
"section5" class=
"row"><div>
293 <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
294 <div class=
"section-intro" style=
"border: none; padding-bottom: 0px;
295 margin-bottom: 0px;">
297 <h2><em>#
5</em> Share additional resources
</h2>
299 <p>GnuPG's advanced options are far too complex to teach in a single
300 workshop. If participants want to know more, point out the advanced subsections
301 in the guide and consider organizing another workshop. You can also share
302 <a href=
"https://www.gnupg.org/documentation/index.html">GnuPG's
</a> and
303 <a href=
"https://www.enigmail.net/index.php/documentation">Enigmail's
</a>
304 official documentation and mailing lists. Many GNU/Linux distribution's Web
305 sites also contain a page explaining some of GnuPG's advanced features.
</p>
307 </div><!-- End .section-intro -->
308 </div></section><!-- End #section5 -->
310 <!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ -->
311 <section class=
"row" id=
"section6"><div>
313 <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
314 <div class=
"section-intro" style=
"border: none; padding-bottom: 0px;
315 margin-bottom: 0px;">
317 <h2><em>#
6</em> Follow up
</h2>
319 <p>Make sure everyone has shared email addresses and public key fingerprints
320 before they leave. Encourage the participants to continue to gain GnuPG
321 experience by emailing each other. Send them each an encrypted email one
322 week after the event, reminding them to try adding their public key ID to
323 places where they publicly list their email address.
</p>
325 <p>If you have any suggestions for improving this workshop guide, please
326 let us know at
<a href=
"mailto:campaigns@fsf.org">campaigns@fsf.org
</a>.
</p>
328 </div><!-- End .section-intro -->
329 </div></section><!-- End #section6 -->
330 <!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
331 <footer class=
"row" id=
"footer"><div>
334 <h4><a href=
"https://u.fsf.org/ys"><img
335 alt=
"Free Software Foundation"
336 src=
"//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
338 <p>Copyright
© 2014-
2016 <a
339 href=
"https://u.fsf.org/ys">Free Software Foundation
</a>, Inc.
<a
340 href=
"https://my.fsf.org/donate/privacypolicy.html">Privacy Policy
</a>. Please
341 support our work by
<a href=
"https://u.fsf.org/yr">joining us as an associate
344 <p>The images on this page are under a
<a
345 href=
"https://creativecommons.org/licenses/by/4.0/">Creative Commons
346 Attribution
4.0 license (or later version)
</a>, and the rest of it is under
347 a
<a href=
"https://creativecommons.org/licenses/by-sa/4.0">Creative Commons
348 Attribution-ShareAlike
4.0 license (or later version)
</a>. Download the
<a
349 href=
"http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">
350 source code of Edward reply bot
</a> by Andrew Engelbrecht
351 <andrew@engelbrecht.io
> and Josh Drake
<zamnedix@gnu.org
>,
352 available under the GNU Affero General Public License.
<a
353 href=
"http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these
356 <p>Fonts used in the guide
& infographic:
<a
357 href=
"https://www.google.com/fonts/specimen/Dosis">Dosis
</a> by Pablo
358 Impallari,
<a href=
"http://www.google.com/fonts/specimen/Signika">Signika
</a>
359 by Anna Giedry
ś,
<a
360 href=
"http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo
361 Narrow
</a> by Omnibus-Type,
<a
362 href=
"https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-
2000</a>
363 by Florian Cramer.
</p>
365 <p>Download the
<a href=
"emailselfdefense_source.zip">source package
</a>
366 for this guide, including fonts, image source files and the text of Edward's
369 <p>This site uses the Weblabels standard for labeling
<a
370 href=
"https://www.fsf.org/campaigns/freejs">free JavaScript
</a>. View
371 the JavaScript
<a href=
"//weblabels.fsf.org/emailselfdefense.fsf.org/"
372 rel=
"jslicense">source code and license information
</a>.
</p>
374 </div><!-- /#copyright -->
376 <p class=
"credits">Infographic and guide design by
<a rel=
"external"
377 href=
"http://jplusplus.org"><strong>Journalism++
</strong><img
378 src=
"//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png"
379 alt=
"Journalism++" /></a></p><!-- /.credits -->
380 </div></footer><!-- End #footer -->
382 <script type=
"text/javascript"
383 src=
"//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
384 <script type=
"text/javascript"
385 src=
"//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
387 <script type=
"text/javascript" ><!--
388 // @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
389 var pkBaseURL = (("https:" == document.location.protocol) ? "https://piwik.fsf.org/" : "http://piwik.fsf.org/");
390 document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
392 var piwikTracker = Piwik.getTracker(pkBaseURL + "piwik.php", 13);
393 piwikTracker.trackPageView();
394 piwikTracker.enableLinkTracking();
399 src=
"//piwik.fsf.org/piwik.php?idsite=13" style=
"border:0"
400 alt=
"" /></p></noscript>
401 <!-- End Piwik Tracking Code -->