<div class="intro">
<p>
<a id="infographic" href="infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/infographic-button.png" alt="View & share our infographic →" /></a>
- Bulk surveillance violates our fundamental rights and makes free speech risky. This guide will teach you a basic surveillance self-defense skill: email encryption. Once you've finished, you'll be able to send and receive emails that are coded to make sure that a surveillance agent or thief that intercepts your email can't read it. All you need is a computer with an Internet connection, an email account and about half an hour.</p>
+ Bulk surveillance violates our fundamental rights and makes free speech risky. This guide will teach you a basic surveillance self-defense skill: email encryption. Once you've finished, you'll be able to send and receive emails that are coded to make sure a surveillance agent or thief intercepting your email can't read it. All you need is a computer with an Internet connection, an email account, and about half an hour.</p>
<p>Even if you have nothing to hide, using encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. If you do have something important to hide, you're in good company; these are the same tools that Edward Snowden used to share his famous secrets about the NSA.</p>
<h2><em>#1</em> Get the pieces</h2>
<p class="notes">This guide relies on software which is freely licensed; it's completely transparent and anyone can copy it or make their own version. This makes it safer from surveillance than proprietary software (like Windows). Learn more about free software at <a href="https://u.fsf.org/ys">fsf.org</a>.</p>
-<p>Most GNU/Linux operating systems come with GnuPG installed on them, so you don't have to download it. Before configuring GnuPG though, you'll need a desktop email program installed on your computer. Most GNU/Linux distributions have a free software version of the Thunderbird email program available to install. This guide will work with them, in addition to Thunderbird itself. Email programs are another way to access the same email accounts you can access in a browser (like GMail), but provide extra features.</p>
+<p>Most GNU/Linux operating systems come with GnuPG installed on them, so you don't have to download it. Before configuring GnuPG though, you'll need a desktop email program installed on your computer. Most GNU/Linux distributions have a free software version of the Thunderbird email program available to install. This guide will work with them, in addition to Thunderbird itself. Email programs are another way to access the same email accounts you can access in a browser (like Gmail), but provide extra features.</p>
<p>If you are already have one of these, you can skip to <a href="#step-1b">Step 1.b</a>.</p>
</div><!-- End .section-intro -->
<p><img src="//static.fsf.org/nosvn/enc-dev0/img/screenshots/step1a-install-wizard.png" alt="Step 1.A: Install Wizard" /></p>
</div><!-- /.sidebar -->
<div class="main">
- <h3><em>Step 1.a</em> Set your email program up with your email account (if it isn't already)</h3>
+ <h3><em>Step 1.a</em> Setup your email program with your email account (if it isn't already)</h3>
<p>Open your email program and follow the wizard that sets it up with your email account.</p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<h4>Troubleshooting</h4>
<dl>
<dt>The progress bar never finishes</dt>
- <dd>Close the upload popup, make sure you are on the Internet and try again. If that doesn't work, try again, selecting a different keyserver.</dd>
+ <dd>Close the upload popup, make sure you are connected to the Internet, and try again. If that doesn't work, try again, selecting a different keyserver.</dd>
<dt>My key doesnt appear in the list</dt>
<dd>Try checking Show Default Keys.</dd>
<h2><em>#4</em> Learn the Web of Trust</h2>
<p>Email encryption is a powerful technology, but it has a weakness; it requires a way to verify that a person's public key is actually theirs. Otherwise, there would be no way to stop an attacker from making an email address with your friend's name, creating keys to go with it and impersonating your friend. That's why the free software programmers that developed email encryption created keysigning and the Web of Trust.</p>
-<p>When you sign someone's key, you are publicly saying that you trust that it does belong to them and not an impostor. People who use your public key can see the number of signatures it has. Once you've used GnuPG for a long time, you may have hundreds of signatures. The Web of Trust is the constellation of all GnuPG users, connected to each other by chains of trust expressed through signatures, into a giant network. The more signatures a key has, and the more signatures its signers' keys have, the more trustworthy that key is.</p>
+<p>When you sign someone's key, you are publicly saying that you trust that it does belong to them and not an impostor. People who use your public key can see the number of signatures it has. Once you've used GnuPG for a long time, you may have hundreds of signatures. The Web of Trust is the constellation of all GnuPG users, connected to each other by chains of trust expressed through signatures, forming a giant network. The more signatures a key has, and the more signatures its signers' keys have, the more trustworthy that key is.</p>
<p>People's public keys are usually identified by their key fingerprint, which is a string of digits like DD878C06E8C2BEDDD4A440D3E573346992AB3FF7 (for Adele's key). You can see the fingerprint for your public key, and other public keys saved on your computer, by going to OpenPGP → Key Management in your email program's menu, then right clicking on the key and choosing Key Properties. It's good practice to share your fingerprint wherever you share your email address, so that so that people can double-check that they have the correct public key when they download yours from a keyserver.</p>
<h3><em>Step 4.a</em> Sign a key</h3>
<p>In your email program's menu, go to OpenPGP → Key Management.</p>
<p>Right click on Adele's public key and select Sign Key from the context menu.</p>
- <p>In the window that pops up, select "I will not answer" and click OK.</p>
- <p>In your email program's menu, go to OpenPGP → Key Management → Keyserver → Upload Public Keys and hit OK.</p>
+ <p>In the window that pops up, select "I will not answer" and click ok.</p>
+ <p>In your email program's menu, go to OpenPGP → Key Management → Keyserver → Upload Public Keys and hit ok.</p>
<p class="notes">You've just effectively said "I trust that Adele's public key actually belongs to Adele." This doesn't mean much because Adele isn't a real person, but it's good practice.</p>
<div class="main">
<h3>When should I encrypt?</h3>
- <p>The more you can encrypt your messages, the better. This is because, if you only encrypt emails occasionally, each encrypted message could raise a red flag for surveillance systems. If all or most of your email is encrypted, people doing surveillance won't know where to start.</p>
+ <p>The more you can encrypt your messages, the better. If you only encrypt emails occasionally, each encrypted message could raise a red flag for surveillance systems. If all or most of your email is encrypted, people doing surveillance won't know where to start.</p>
<p>That's not to say that only encrypting some of your email isn't helpful -- it's a great start and it makes bulk surveillance more difficult.</p>
<div id="step-5c" class="step">
<div class="main">
<h3>Copy your revocation certificate to somewhere safe</h3>
- <p>Remember when you created your keys and saved the revocation certificate that GnuPG made? It's time to copy that certificate onto the safest digital storage that you have -- the ideal thing is a flash drive, disk or hard drive stored in a safe place in your home.</p>
-<p>If your private key ever gets lost or stolen, you'll need this certificate file.</p>
+ <p>Remember when you created your keys and saved the revocation certificate that GnuPG made? It's time to copy that certificate onto the safest digital storage that you have -- the ideal thing is a flash drive, disk, or hard drive stored in a safe place in your home.</p>
+<p>If your private key ever gets lost or stolen, you'll need this certificate file to let people know that you are no longer using that keypair.</p>
</div><!-- End .main -->
</div><!-- End #step-5c .step -->
<div class="intro">
<p>
<a id="infographic" href="infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/infographic-button.png" alt="View & share our infographic →" /></a>
- Bulk surveillance violates our fundamental rights and makes free speech risky. This guide will teach you a basic surveillance self-defense skill: email encryption. Once you've finished, you'll be able to send and receive emails that are coded to make sure that a surveillance agent or thief that intercepts your email can't read it. All you need is a computer with an Internet connection, an email account and about half an hour.</p>
+ Bulk surveillance violates our fundamental rights and makes free speech risky. This guide will teach you a basic surveillance self-defense skill: email encryption. Once you've finished, you'll be able to send and receive emails that are coded to make sure a surveillance agent or thief intercepting your email can't read it. All you need is a computer with an Internet connection, an email account, and about half an hour.</p>
<p>Even if you have nothing to hide, using encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. If you do have something important to hide, you're in good company; these are the same tools that Edward Snowden used to share his famous secrets about the NSA.</p>
<div class="section-intro">
<h2><em>#1</em> Get the pieces</h2>
<p class="notes">This guide relies on software which is freely licensed; it's completely transparent and anyone can copy it or make their own version. This makes it safer from surveillance than proprietary software (like Windows). To defend your freedom as well as protect yourself from surveillance, we recommend you switch to a free software operating system like GNU/Linux. Learn more about free software at <a href="https://u.fsf.org/ys">fsf.org</a>.</p>
- <p>To get started, you'll need a desktop email program installed on your computer. This guide works with free software versions of the Thunderbird email program, and with Thunderbird itself. Email programs are another way to access the same email accounts you can access in a browser (like GMail), but provide extra features.</p>
+ <p>To get started, you'll need a desktop email program installed on your computer. This guide works with free software versions of the Thunderbird email program, and with Thunderbird itself. Email programs are another way to access the same email accounts you can access in a browser (like Gmail), but provide extra features.</p>
<p>If you are already have one of these, you can skip to <a href="#step-1b">Step 1.b</a>.</p>
</div><!-- End .section-intro -->
<p><img src="//static.fsf.org/nosvn/enc-dev0/img/screenshots/step1a-install-wizard.png" alt="Step 1.A: Install Wizard" /></p>
</div><!-- /.sidebar -->
<div class="main">
- <h3><em>Step 1.a</em> Set your email program up with your email account (if it isn't already)</h3>
+ <h3><em>Step 1.a</em> Setup your email program with your email account (if it isn't already)</h3>
<p>Open your email program and follow the wizard that sets it up with your email account.</p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<h4>Troubleshooting</h4>
<dl>
<dt>The progress bar never finishes</dt>
- <dd>Close the upload popup, make sure you are on the Internet and try again. If that doesn't work, try again, selecting a different keyserver.</dd>
+ <dd>Close the upload popup, make sure you are connected to the Internet, and try again. If that doesn't work, try again, selecting a different keyserver.</dd>
<dt>My key doesnt appear in the list</dt>
<dd>Try checking Show Default Keys.</dd>
<h2><em>#4</em> Learn the Web of Trust</h2>
<p>Email encryption is a powerful technology, but it has a weakness; it requires a way to verify that a person's public key is actually theirs. Otherwise, there would be no way to stop an attacker from making an email address with your friend's name, creating keys to go with it and impersonating your friend. That's why the free software programmers that developed email encryption created keysigning and the Web of Trust.</p>
-<p>When you sign someone's key, you are publicly saying that you trust that it does belong to them and not an impostor. People who use your public key can see the number of signatures it has. Once you've used GnuPG for a long time, you may have hundreds of signatures. The Web of Trust is the constellation of all GnuPG users, connected to each other by chains of trust expressed through signatures, into a giant network. The more signatures a key has, and the more signatures its signers' keys have, the more trustworthy that key is.</p>
+<p>When you sign someone's key, you are publicly saying that you trust that it does belong to them and not an impostor. People who use your public key can see the number of signatures it has. Once you've used GnuPG for a long time, you may have hundreds of signatures. The Web of Trust is the constellation of all GnuPG users, connected to each other by chains of trust expressed through signatures, forming a giant network. The more signatures a key has, and the more signatures its signers' keys have, the more trustworthy that key is.</p>
<p>People's public keys are usually identified by their key fingerprint, which is a string of digits like DD878C06E8C2BEDDD4A440D3E573346992AB3FF7 (for Adele's key). You can see the fingerprint for your public key, and other public keys saved on your computer, by going to OpenPGP → Key Management in your email program's menu, then right clicking on the key and choosing Key Properties. It's good practice to share your fingerprint wherever you share your email address, so that so that people can double-check that they have the correct public key when they download yours from a keyserver.</p>
<h3><em>Step 4.a</em> Sign a key</h3>
<p>In your email program's menu, go to OpenPGP → Key Management.</p>
<p>Right click on Adele's public key and select Sign Key from the context menu.</p>
- <p>In the window that pops up, select "I will not answer" and click OK.</p>
- <p>In your email program's menu, go to OpenPGP → Key Management → Keyserver → Upload Public Keys and hit OK.</p>
+ <p>In the window that pops up, select "I will not answer" and click ok.</p>
+ <p>In your email program's menu, go to OpenPGP → Key Management → Keyserver → Upload Public Keys and hit ok.</p>
<p class="notes">You've just effectively said "I trust that Adele's public key actually belongs to Adele." This doesn't mean much because Adele isn't a real person, but it's good practice.</p>
<div class="main">
<h3>When should I encrypt?</h3>
- <p>The more you can encrypt your messages, the better. This is because, if you only encrypt emails occasionally, each encrypted message could raise a red flag for surveillance systems. If all or most of your email is encrypted, people doing surveillance won't know where to start.</p>
+ <p>The more you can encrypt your messages, the better. If you only encrypt emails occasionally, each encrypted message could raise a red flag for surveillance systems. If all or most of your email is encrypted, people doing surveillance won't know where to start.</p>
<p>That's not to say that only encrypting some of your email isn't helpful -- it's a great start and it makes bulk surveillance more difficult.</p>
<div id="step-5c" class="step">
<div class="main">
<h3>Copy your revocation certificate to somewhere safe</h3>
- <p>Remember when you created your keys and saved the revocation certificate that GnuPG made? It's time to copy that certificate onto the safest digital storage that you have -- the ideal thing is a flash drive, disk or hard drive stored in a safe place in your home.</p>
-<p>If your private key ever gets lost or stolen, you'll need this certificate file.</p>
+ <p>Remember when you created your keys and saved the revocation certificate that GnuPG made? It's time to copy that certificate onto the safest digital storage that you have -- the ideal thing is a flash drive, disk, or hard drive stored in a safe place in your home.</p>
+<p>If your private key ever gets lost or stolen, you'll need this certificate file to let people know that you are no longer using that keypair.</p>
</div><!-- End .main -->
</div><!-- End #step-5c .step -->
<h3>Protect more of your digital life</h3>
- <p>Learn surveillance-resistant technologies for instant messages, hard drive storage, online sharing and more at <a href="https://directory.fsf.org/wiki/Collection:Privacy_pack"> the Free Software Directory's Privacy Pack</a> and <a href="https://prism-break.org">prism-break.org</a>.</p> <p>If you are using Windows, Mac OS or any other proprietary operating system, we recommend you switch to a free software operating system like GNU/Linux. This will make it much harder for attackers to enter your computer through hidden back doors. Check out the Free Software Foundation's <a href="http://www.gnu.org/distros/free-distros.html">endorsed versions of GNU/Linux.</a></p>
+ <p>Learn surveillance-resistant technologies for instant messages, hard drive storage, online sharing, and more at <a href="https://directory.fsf.org/wiki/Collection:Privacy_pack"> the Free Software Directory's Privacy Pack</a> and <a href="https://prism-break.org">prism-break.org</a>.</p> <p>If you are using Windows, Mac OS or any other proprietary operating system, we recommend you switch to a free software operating system like GNU/Linux. This will make it much harder for attackers to enter your computer through hidden back doors. Check out the Free Software Foundation's <a href="http://www.gnu.org/distros/free-distros.html">endorsed versions of GNU/Linux.</a></p>
</div><!-- End .main -->
</div><!-- End #step-more_technologies .step -->
<div class="intro">
<p>
<a id="infographic" href="infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/infographic-button.png" alt="View & share our infographic →" /></a>
- Bulk surveillance violates our fundamental rights and makes free speech risky. This guide will teach you a basic surveillance self-defense skill: email encryption. Once you've finished, you'll be able to send and receive emails that are coded to make sure that a surveillance agent or thief that intercepts your email can't read it. All you need is a computer with an Internet connection, an email account and about half an hour.</p>
+ Bulk surveillance violates our fundamental rights and makes free speech risky. This guide will teach you a basic surveillance self-defense skill: email encryption. Once you've finished, you'll be able to send and receive emails that are coded to make sure a surveillance agent or thief intercepting your email can't read it. All you need is a computer with an Internet connection, an email account, and about half an hour.</p>
<p>Even if you have nothing to hide, using encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. If you do have something important to hide, you're in good company; these are the same tools that Edward Snowden used to share his famous secrets about the NSA.</p>
<div class="section-intro">
<h2><em>#1</em> Get the pieces</h2>
<p class="notes">This guide relies on software which is freely licensed; it's completely transparent and anyone can copy it or make their own version. This makes it safer from surveillance than proprietary software (like Windows). To defend your freedom as well as protect yourself from surveillance, we recommend you switch to a free software operating system like GNU/Linux. Learn more about free software at <a href="https://u.fsf.org/ys">fsf.org</a>.</p>
- <p>To get started, you'll need a desktop email program installed on your computer. This guide works with free software versions of the Thunderbird email program, and with Thunderbird itself. Email programs are another way to access the same email accounts you can access in a browser (like GMail), but provide extra features.</p>
+ <p>To get started, you'll need a desktop email program installed on your computer. This guide works with free software versions of the Thunderbird email program, and with Thunderbird itself. Email programs are another way to access the same email accounts you can access in a browser (like Gmail), but provide extra features.</p>
<p>If you are already have one of these, you can skip to <a href="#step-1b">Step 1.b</a>.</p>
</div><!-- End .section-intro -->
<p><img src="//static.fsf.org/nosvn/enc-dev0/img/screenshots/step1a-install-wizard.png" alt="Step 1.A: Install Wizard" /></p>
</div><!-- /.sidebar -->
<div class="main">
- <h3><em>Step 1.a</em> Set your email program up with your email account (if it isn't already)</h3>
+ <h3><em>Step 1.a</em> Setup your email program with your email account (if it isn't already)</h3>
<p>Open your email program and follow the wizard that sets it up with your email account.</p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<h4>Troubleshooting</h4>
<dl>
<dt>The progress bar never finishes</dt>
- <dd>Close the upload popup, make sure you are on the Internet and try again. If that doesn't work, try again, selecting a different keyserver.</dd>
+ <dd>Close the upload popup, make sure you are connected to the Internet, and try again. If that doesn't work, try again, selecting a different keyserver.</dd>
<dt>My key doesnt appear in the list</dt>
<dd>Try checking Show Default Keys.</dd>
<h2><em>#4</em> Learn the Web of Trust</h2>
<p>Email encryption is a powerful technology, but it has a weakness; it requires a way to verify that a person's public key is actually theirs. Otherwise, there would be no way to stop an attacker from making an email address with your friend's name, creating keys to go with it and impersonating your friend. That's why the free software programmers that developed email encryption created keysigning and the Web of Trust.</p>
-<p>When you sign someone's key, you are publicly saying that you trust that it does belong to them and not an impostor. People who use your public key can see the number of signatures it has. Once you've used GnuPG for a long time, you may have hundreds of signatures. The Web of Trust is the constellation of all GnuPG users, connected to each other by chains of trust expressed through signatures, into a giant network. The more signatures a key has, and the more signatures its signers' keys have, the more trustworthy that key is.</p>
+<p>When you sign someone's key, you are publicly saying that you trust that it does belong to them and not an impostor. People who use your public key can see the number of signatures it has. Once you've used GnuPG for a long time, you may have hundreds of signatures. The Web of Trust is the constellation of all GnuPG users, connected to each other by chains of trust expressed through signatures, forming a giant network. The more signatures a key has, and the more signatures its signers' keys have, the more trustworthy that key is.</p>
<p>People's public keys are usually identified by their key fingerprint, which is a string of digits like DD878C06E8C2BEDDD4A440D3E573346992AB3FF7 (for Adele's key). You can see the fingerprint for your public key, and other public keys saved on your computer, by going to OpenPGP → Key Management in your email program's menu, then right clicking on the key and choosing Key Properties. It's good practice to share your fingerprint wherever you share your email address, so that so that people can double-check that they have the correct public key when they download yours from a keyserver.</p>
<h3><em>Step 4.a</em> Sign a key</h3>
<p>In your email program's menu, go to OpenPGP → Key Management.</p>
<p>Right click on Adele's public key and select Sign Key from the context menu.</p>
- <p>In the window that pops up, select "I will not answer" and click OK.</p>
- <p>In your email program's menu, go to OpenPGP → Key Management → Keyserver → Upload Public Keys and hit OK.</p>
+ <p>In the window that pops up, select "I will not answer" and click ok.</p>
+ <p>In your email program's menu, go to OpenPGP → Key Management → Keyserver → Upload Public Keys and hit ok.</p>
<p class="notes">You've just effectively said "I trust that Adele's public key actually belongs to Adele." This doesn't mean much because Adele isn't a real person, but it's good practice.</p>
<div class="main">
<h3>When should I encrypt?</h3>
- <p>The more you can encrypt your messages, the better. This is because, if you only encrypt emails occasionally, each encrypted message could raise a red flag for surveillance systems. If all or most of your email is encrypted, people doing surveillance won't know where to start.</p>
+ <p>The more you can encrypt your messages, the better. If you only encrypt emails occasionally, each encrypted message could raise a red flag for surveillance systems. If all or most of your email is encrypted, people doing surveillance won't know where to start.</p>
<p>That's not to say that only encrypting some of your email isn't helpful -- it's a great start and it makes bulk surveillance more difficult.</p>
<div id="step-5c" class="step">
<div class="main">
<h3>Copy your revocation certificate to somewhere safe</h3>
- <p>Remember when you created your keys and saved the revocation certificate that GnuPG made? It's time to copy that certificate onto the safest digital storage that you have -- the ideal thing is a flash drive, disk or hard drive stored in a safe place in your home.</p>
-<p>If your private key ever gets lost or stolen, you'll need this certificate file.</p>
+ <p>Remember when you created your keys and saved the revocation certificate that GnuPG made? It's time to copy that certificate onto the safest digital storage that you have -- the ideal thing is a flash drive, disk, or hard drive stored in a safe place in your home.</p>
+<p>If your private key ever gets lost or stolen, you'll need this certificate file to let people know that you are no longer using that keypair.</p>
</div><!-- End .main -->
</div><!-- End #step-5c .step -->