<!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
<div class="intro">
<p>
- <a id="infographic" href="infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png" alt="View & share our infographic →" /></a>Bulk surveillance violates our fundamental rights and makes free speech risky. This guide will teach you a basic surveillance self-defense skill: email encryption. Once you've finished, you'll be able to send and receive emails that are scrambed to make sure a surveillance agent or thief intercepting your email can't read it. All you need is a computer with an Internet connection, an email account, about forty minutes and five dice (optional, but recommended).</p>
+ <a id="infographic" href="infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png" alt="View & share our infographic →" /></a>Bulk surveillance violates our fundamental rights and makes free speech risky. This guide will teach you a basic surveillance self-defense skill: email encryption. Once you've finished, you'll be able to send and receive emails that are scrambed to make sure a surveillance agent or thief intercepting your email can't read them. All you need is a computer with an Internet connection, an email account, about forty minutes and five dice (optional, but recommended).</p>
-<p>Even if you have nothing to hide, using encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. If you do have something important to hide, you're in good company; these are the same tools that whistleblowers use to protect their identities while shining light on human rights abuses and government corruption.</p>
+<p>Even if you have nothing to hide, using encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. If you do have something important to hide, you're in good company; these are the same tools that whistleblowers use to protect their identities while shining light on human rights abuses, corruption and other crimes.</p>
<p>In addition to using encryption, standing up to surveillance requires fighting politically for a <a href="http://gnu.org/philosophy/surveillance-vs-democracy.html">reduction in the amount of data collected on us</a>, but the essential first step is to protect yourself and make surveillance of your communication as difficult as possible. This guide helps you do that. It is designed for beginners, but if you already know the basics of GnuPG or are an experienced free software user, you'll enjoy the advanced tips.</p>
<p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1a-install-wizard.png" alt="Step 1.A: Install Wizard" /></p>
</div><!-- /.sidebar -->
<div class="main">
- <h3><em>Step 1.a</em> Setup your email program with your email account</h3>
- <p>Open your email program and follow the wizard (step-by-step walkthrough) that sets it up with your email account. Look for the letters SSL, TLS, or STARTTLS to the right of the servers when you're setting up your account. If you don't see them, you will still be able to use encryption, but this means that the people running your email system are running behind the industry standard in protecting your security and privacy. We recommend that you send them a friendly email asking them to enable SSL, TLS, or STARTTLS for your email server. They will know what you're talking about, so it's worth making the request even if you aren't an expert on these security systems.</p>
+ <h3><em>Step 1.a</em> Set up your email program with your email account</h3>
+ <p>Open your email program and follow the wizard (step-by-step walkthrough) that sets it up with your email account.</p>
+ <p>Look for the letters SSL, TLS, or STARTTLS to the right of the servers when you're setting up your account. If you don't see them, you will still be able to use encryption, but this means that the people running your email system are running behind the industry standard in protecting your security and privacy. We recommend that you send them a friendly email asking them to enable SSL, TLS, or STARTTLS for your email server. They will know what you're talking about, so it's worth making the request even if you aren't an expert on these security systems.</p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
<dt>I can't find the menu.</dt>
<dd>In many new email programs, the main menu is represented by an image of three stacked horizontal bars.</dd>
<dt>My email looks weird</dt>
- <dd>Enigmail doesn't tend to play nice with HTML, which is used to format emails. To send an HTML-formatted email without encryption and or a signature, hold down the Shift key when you select compose. You can then write an email as if Enigmail wasn't there.</dd>
- <dd>In many new email programs, the main menu is represented by an image of three stacked horizontal bars.</dd>
+ <dd>Enigmail doesn't tend to play nice with HTML, which is used to format emails, so it may disable your HTML formatting automatically. To send an HTML-formatted email without encryption or a signature, hold down the Shift key when you select compose. You can then write an email as if Enigmail wasn't there.</dd>
<dt class="feedback">Don't see a solution to your problem?</dt>
<dd class="feedback">Please let us know on the <a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">feedback page</a>.</dd>
<p>Your public key isn't like a physical key, because it's stored in the open in an online directory called a keyserver. People download it and use it, along with GnuPG, to encrypt emails they send to you. You can think of the keyserver as a phonebook; people who want to send you encrypted email can look up your public key.</p>
- <p>Your private key is more like a physical key, because you keep it to yourself (on your computer). You use GnuPG and your private key to descramble encrypted emails other people send to you. <span style="font-weight: bold;">You should never share you private key with anyone, under any circumstances.</span></p>
- <p>In addition to encryption and decryption, you can also use these keys to sign messages and check the authenticity of other people's signatures. This process helps stop impersonators. We'll discuss this more in the next section.</p>
+ <p>Your private key is more like a physical key, because you keep it to yourself (on your computer). You use GnuPG and your private key together to descramble encrypted emails other people send to you. <span style="font-weight: bold;">You should never share you private key with anyone, under any circumstances.</span></p>
+ <p>In addition to encryption and decryption, you can also use these keys to sign messages and check the authenticity of other people's signatures. We'll discuss this more in the next section.</p>
</div><!-- End .section-intro -->
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
<dd>Open whatever program you usually use for installing software, and search for GnuPG, then install it. Then restart the Enigmail setup wizard by going to Enigmail → Setup Wizard.</dd>
<dt>My email looks weird</dt>
- <dd>Enigmail doesn't tend to play nice with HTML, which is used to format emails. To use it, you'll have to hold down the Shift key when you select compose. You can then write an email as if Enigmail wasn't there.</dd>
+ <dd>Enigmail doesn't tend to play nice with HTML, which is used to format emails, so it may disable your HTML formatting automatically. To send an HTML-formatted email without encryption or a signature, hold down the Shift key when you select compose. You can then write an email as if Enigmail wasn't there.</dd>
<dt>More resources</dt>
<dd>If you're having trouble with our instructions or just want to learn more, check out <a href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">Enigmail's wiki instructions for key generation</a>.</dd>
<dt>Command line key generation</dt>
- <dd>If you prefer using the command line for a higher degree of control, you can follow the documentation from <a href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy Handbook</a>. Make sure you stick with "RSA and RSA" (the default), because it's newer and more secure than the algorithms the documentation recommendeds. Also make sure your key is at least 2048 bits, or 4096 if you really want to be secure.</dd>
+ <dd>If you prefer using the command line for a higher degree of control, you can follow the documentation from <a href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy Handbook</a>. Make sure you stick with "RSA and RSA" (the default), because it's newer and more secure than the algorithms the documentation recommends. Also make sure your key is at least 2048 bits, or 4096 if you want to be extra secure.</dd>
<dt>Advanced key pairs</dt>
<dd>When GnuPG creates a new keypair, it compartmentalizes the encryption function from the signing function through <a href="https://wiki.debian.org/Subkeys">subkeys</a>. If you use subkeys carefully, you can keep your GnuPG identity much more secure and recover from a compromised key much more quickly. <a href="https://alexcabal.com/creating-the-perfect-gpg-keypair/">Alex Cabal</a> and <a href="http://keyring.debian.org/creating-key.html">the Debian wiki</a> provide good guides for setting up a secure subkey configuration.</dd>
<h4>Advanced</h4>
<dl>
<dt>Uploading a key from the command line</dt>
- <dd>You can also upload your keys to a keyserver through the <a href="https://
help.ubuntu.com/community/GnuPrivacyGuardHowto#Uploading_the_key_to_Ubuntu_keyserver">command line</a>. <a href="https://sks-keyservers.net/overview-of-pools.php">The sks Web site</a> maintains a list highly interconnected keyservers. You can also <a href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">directly export your key</a> as a file on your computer.</dd>
+ <dd>You can also upload your keys to a keyserver through the <a href="https://
www.gnupg.org/gph/en/manual/x457.html">command line</a>. <a href="https://sks-keyservers.net/overview-of-pools.php">The sks Web site</a> maintains a list of highly interconnected keyservers. You can also <a href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">directly export your key</a> as a file on your computer.</dd>
</dl>
</div><!-- /.troubleshooting -->
// @license-end
</script><noscript><p><img src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0" alt="" /></p></noscript>
<!-- End Piwik Tracking Code -->
-
-
+
+
</body>
</html>
projects / enc-live.git / commitdiff