<title>Email Self-Defense - a guide to fighting surveillance with GnuPG encryption</title>
<meta name="keywords" content="GnuPG, GPG, openpgp, surveillance, privacy, email, Enigmail" />
- <meta name="description" content="Email surveillance violates our fundamental rights and makes free speech risky. This guide will teach you email self-defense in 30 minutes with GnuPG." />
+ <meta name="description" content="Email surveillance violates our fundamental rights and makes free speech risky. This guide will teach you email self-defense in 40 minutes with GnuPG. " />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
<!-- Language list for browsers that do not have JS enabled -->
<ul id="languages" class="os">
- <li><a class="current" href="/en">english - v4.0</a></li>
- <li><a href="/es">español - v3.0</a></li>
- <li><a href="/fr">français - v3.0</a></li>
- <li><a href="/de">deutsch - v3.0</a></li>
- <li><a href="/it">italiano - v3.0</a></li>
- <li><a href="/pt-br">português do Brasil - v3.0</a></li>
- <li><a href="/tr">türkçe - v3.0</a></li>
- <li><a href="/ro">română - v3.0</a></li>
- <li><a href="/ru">русский - v3.0</a></li>
- <!--<li><a href="/ml">മലയാളം</a></li>-->
- <!--<li><a href="/ko">한국어</a></li>-->
- <li><a href="/ja">日本語 - v3.0</a></li>
- <li><a href="/el">ελληνικά - v3.0</a></li>
- <!--<li><a href="/ar">العربية</a></li>-->
+<li><a class="current" href="/en">English - v4.0</a></li>
+<!--<li><a href="/ar">العربية</a></li>-->
+<li><a href="/cs">Čeština - v4.0</a></li>
+<li><a href="/de">Deutsch - v3.0</a></li>
+<li><a href="/el">ελληνικά - v3.0</a></li>
+<li><a href="/es">español - v4.0</a></li>
+<li><a href="/fa">فارسی - v4.0</a></li>
+<li><a href="/fr">français - v4.0</a></li>
+<li><a href="/it">italiano - v3.0</a></li>
+<li><a href="/ja">日本語 - v4.0</a></li>
+<!--<li><a href="/ko">한국어</a></li>-->
+<!--<li><a href="/ml">മലയാളം</a></li>-->
+<li><a href="/pt-br">português do Brasil - v3.0</a></li>
+<li><a href="/ro">română - v3.0</a></li>
+<li><a href="/ru">русский - v4.0</a></li>
+<li><a href="/sq">Shqip - v3.0</a></li>
+<li><a href="/sv">svenska - v4.0</a></li>
+<li><a href="/tr">Türkçe - v4.0</a></li>
<li><a href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide"><strong><span style="color: #2F5FAA;">Translate!</span></strong></a></li>
</ul>
<a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email encryption for everyone via %40fsf">
Share
<img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
- class="share-logo" alt="[GNU Social]">
+ class="share-logo" alt="[GNU Social]" />
<img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
- class="share-logo" alt="[Pump.io]">
+ class="share-logo" alt="[Pump.io]" />
<img src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png"
- class="share-logo" alt="[Reddit]">
+ class="share-logo" alt="[Reddit]" />
<img src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png"
- class="share-logo" alt="[Hacker News]">
+ class="share-logo" alt="[Hacker News]" />
</a>
</li>
</ul>
</p>
<p>
<strong>
- Please donate to support Email Self-Defense. We need to keep improving it and making other materials like, for the benefit of people around the world taking the first step towards protecting their privacy.
+ Please donate to support Email Self-Defense. We need to keep improving it, and making more materials, for the benefit of people around the world taking the first step towards protecting their privacy.
</strong>
</p>
</div>
<!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
<div class="intro">
<p>
- <a id="infographic" href="infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png" alt="View & share our infographic →" /></a>Bulk surveillance violates our fundamental rights and makes free speech risky. This guide will teach you a basic surveillance self-defense skill: email encryption. Once you've finished, you'll be able to send and receive emails that are scrambed to make sure a surveillance agent or thief intercepting your email can't read them. All you need is a computer with an Internet connection, an email account, and about forty minutes.</p>
+ <a id="infographic" href="infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png" alt="View & share our infographic →" /></a>Bulk surveillance violates our fundamental rights and makes free speech risky. This guide will teach you a basic surveillance self-defense skill: email encryption. Once you've finished, you'll be able to send and receive emails that are scrambled to make sure a surveillance agent or thief intercepting your email can't read them. All you need is a computer with an Internet connection, an email account, and about forty minutes.</p>
<p>Even if you have nothing to hide, using encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. If you do have something important to hide, you're in good company; these are the same tools that whistleblowers use to protect their identities while shining light on human rights abuses, corruption and other crimes.</p>
<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
<div class="section-intro">
<h2><em>#1</em> Get the pieces</h2>
- <p class="notes">This guide relies on software which is <a href="https://www.gnu.org/philosophy/free-sw.
en.html">freely licensed</a>; it's completely transparent and anyone can copy it or make their own version. This makes it safer from surveillance than proprietary software (like Windows). Learn more about free software at <a href="https://u.fsf.org/ys">fsf.org</a>.</p>
+ <p class="notes">This guide relies on software which is <a href="https://www.gnu.org/philosophy/free-sw.html">freely licensed</a>; it's completely transparent and anyone can copy it or make their own version. This makes it safer from surveillance than proprietary software (like Windows). Learn more about free software at <a href="https://u.fsf.org/ys">fsf.org</a>.</p>
<p>Most GNU/Linux operating systems come with GnuPG installed on them, so you don't have to download it. Before configuring GnuPG though, you'll need the IceDove desktop email program installed on your computer. Most GNU/Linux distributions have IceDove installed already, though it may be under the alternate name "Thunderbird." Email programs are another way to access the same email accounts you can access in a browser (like Gmail), but provide extra features.</p>
<p>If you already have an email program, you can skip to <a href="#step-1b">Step 1.b</a>.</p>
<p>Your public key isn't like a physical key, because it's stored in the open in an online directory called a keyserver. People download it and use it, along with GnuPG, to encrypt emails they send to you. You can think of the keyserver as a phonebook; people who want to send you encrypted email can look up your public key.</p>
- <p>Your private key is more like a physical key, because you keep it to yourself (on your computer). You use GnuPG and your private key together to descramble encrypted emails other people send to you. <span style="font-weight: bold;">You should never share you private key with anyone, under any circumstances.</span></p>
+ <p>Your private key is more like a physical key, because you keep it to yourself (on your computer). You use GnuPG and your private key together to descramble encrypted emails other people send to you. <span style="font-weight: bold;">You should never share your private key with anyone, under any circumstances.</span></p>
<p>In addition to encryption and decryption, you can also use these keys to sign messages and check the authenticity of other people's signatures. We'll discuss this more in the next section.</p>
</div><!-- End .section-intro -->
<li>On the screen titled "Encryption," select "Encrypt all of my messages by default, because privacy is critical to me."</li>
<li>On the screen titled "Signing," select "Don't sign my messages by default."</li>
<li>On the screen titled "Key Selection," select "I want to create a new key pair for signing and encrypting my email."</li>
- <li>On the screen titled "Create Key," pick a strong password! You can do it manually, or you can use the Diceware method. Doing it manually is faster but not as secure. Using Diceware takes longer and requires dice, but creates a password that is much harder for attackers figure out. To use it, read the section "Make a secure passphrase with Diceware" in <a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">this article</a> by Micah Lee.</p>
-</a>
+ <li>On the screen titled "Create Key," pick a strong password! You can do it manually, or you can use the Diceware method. Doing it manually is faster but not as secure. Using Diceware takes longer and requires dice, but creates a password that is much harder for attackers figure out. To use it, read the section "Make a secure passphrase with Diceware" in <a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">this article</a> by Micah Lee.</li>
</ul>
<p>If you'd like to pick a password manually, come up with something you can remember which is at least twelve characters long, and includes at least one lower case and upper case letter and at least one number or punctuation symbol. Never pick a password you've used elsewhere. Don't use any recognizable patterns, such as birthdays, telephone numbers, pets' names, song lyrics, quotes from books, and so on.</p>
<dl>
<dt>The progress bar never finishes</dt>
<dd>Close the upload popup, make sure you are connected to the Internet, and try again. If that doesn't work, try again, selecting a different keyserver.</dd>
- <dt>My key doesnt appear in the list</dt>
+ <dt>My key doesn't appear in the list</dt>
<dd>Try checking "Display All Keys by Default."</dd>
<dt>More documentation</dt>
<dd>If you're having trouble with our instructions or just want to learn more, check out <a href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">Enigmail's documentation</a>.</dd>
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
<div id="step-5a" class="step">
<div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-01-use-it-well.png" alt="Section 5: Use it Well" /></p>
+ <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-01-use-it-well.png" alt="Section 5: Use it Well (1)" /></p>
</div><!-- /.sidebar -->
<div class="main">
<h3>When should I encrypt? When should I sign?</h3>
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
<div id="step-5b" class="step">
<div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-02-use-it-well.png" alt="Section 5: Use it Well" /></p>
+ <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-02-use-it-well.png" alt="Section 5: Use it Well (2)" /></p>
</div><!-- /.sidebar -->
<div class="main">
<h3>Be wary of invalid keys</h3>
<div class="main">
<h3>Transferring you key</h3>
<p>You can use Enigmail's <a href="https://www.enigmail.net/documentation/keyman.php">key management window</a> to import and export keys. If you want to be able to read your encrypted email on a different computer, you will need to export your secret key from here. Be warned, if you transfer the key without <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">encrypting</a> the drive it's on the transfer will be dramatically less secure.</p>
- </div><!-- End .main -->
+ </div>--><!-- End .main -->
</div><!-- End #step-lost_key .step-->
<h3>Webmail and GnuPG</h3>
<p>When you use a web browser to access your email, you're using webmail, an email program stored on a distant website. Unlike webmail, your desktop email program runs on your own computer. Although webmail can't decrypt encrypted email, it will still display it in its encrypted form. If you primarily use webmail, you'll know to open your email client when you receive a scrambled email.</p>
</div><!-- End .main -->
- </div><!-- End #step-lost_key .step-->
+ </div><!-- End #webmail-and-GnuPG .step-->
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~
<div id="step-5d" class="step">
<p> First add your public key fingerprint to your email signature, then compose an email to at least five of your friends, telling them you just set up GnuPG and mentioning your public key fingerprint. Link to this guide and ask them to join you. Don't forget that there's also an awesome <a href="infographic.html">infographic to share.</a></p>
<p class="notes">Start writing your public key fingerprint anywhere someone would see your email address: your social media profiles, blog, Website, or business card. (At the Free Software Foundation, we put ours on our <a href="https://fsf.org/about/staff">staff page</a>.) We need to get our culture to the point that we feel like something is missing when we see an email address without a public key fingerprint.</p>
- </div><!-- End .main
+ </div>--><!-- End .main
</div> End #step-5d .step-->
-
-</div>
</section><!-- End #section5 -->
<!-- End Piwik Tracking Code -->
-
+<!-- test comment -->
</body>
</html>
projects / enc-live.git / blobdiff