Commit | Line | Data |
---|---|---|
a6ffc443 AE |
1 | <!DOCTYPE html> |
2 | <html lang="en"> | |
3 | <head> | |
4 | <meta http-equiv="content-type" content="text/html; charset=utf-8" /> | |
5 | <title>Email Self-Defense - a guide to fighting surveillance with GnuPG | |
6 | encryption</title> | |
7 | <meta name="keywords" content="GnuPG, GPG, openpgp, surveillance, privacy, | |
013b81e2 | 8 | email, security, GnuPG2, encryption" /> |
a6ffc443 AE |
9 | <meta name="description" content="Email surveillance violates our fundamental |
10 | rights and makes free speech risky. This guide will teach you email | |
11 | self-defense in 40 minutes with GnuPG." /> | |
12 | <meta name="viewport" content="width=device-width, initial-scale=1" /> | |
13 | <link rel="stylesheet" href="../static/css/main.css" /> | |
14 | <link rel="shortcut icon" | |
15 | href="../static/img/favicon.ico" /> | |
16 | </head> | |
17 | ||
76cdb763 | 18 | <body> |
013b81e2 | 19 | <!--<div style="text-align: center; padding: 2.5px; background-color: #a94442; color:#fcf8e3;"><p>Due to Enigmail's PGP functionality being migrated into Icedove and Thunderbird, steps 2 and 3 of the guide are currently out of date.</p><p> Thank you for your patience while we're working on a new round of updates.</p></div>--> |
a6ffc443 AE |
20 | |
21 | <!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ --> | |
22 | <header class="row" id="header"><div> | |
23 | ||
24 | <h1>Email Self-Defense</h1> | |
25 | ||
26 | <!-- Language list for browsers that do not have JS enabled --> | |
27 | <ul id="languages" class="os"> | |
85377148 TG |
28 | <li><strong><a href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide"> |
29 | Translate!</a></strong></li> | |
a6ffc443 AE |
30 | </ul> |
31 | ||
32 | <ul id="menu" class="os"> | |
33 | <li class="spacer"><a href="index.html">Set up guide</a></li> | |
013b81e2 | 34 | <!--<li><a href="mac.html">macOS</a></li>--> |
a6ffc443 | 35 | <!--<li><a href="windows.html">Windows</a></li>--> |
85377148 TG |
36 | <li class="spacer"><a href="workshops.html" class="current">Teach your friends</a></li> |
37 | <li class="spacer"><a | |
38 | href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email%20encryption%20for%20everyone%20via%20%40fsf"> | |
39 | Share | |
40 | <img src="../static/img/gnu-social.png" class="share-logo" | |
a6ffc443 | 41 | alt="[GNU Social]" /> |
85377148 | 42 | <img src="../static/img/mastodon.png" class="share-logo" |
a6ffc443 | 43 | alt="[Mastodon]" /> |
85377148 | 44 | <img src="../static/img/reddit-alien.png" class="share-logo" |
a6ffc443 | 45 | alt="[Reddit]" /> |
85377148 TG |
46 | <img src="../static/img/hacker-news.png" class="share-logo" |
47 | alt="[Hacker News]" /></a></li> | |
a6ffc443 AE |
48 | </ul> |
49 | ||
50 | <!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ --> | |
51 | <div id="fsf-intro"> | |
52 | ||
53 | <h3><a href="https://u.fsf.org/ys"><img | |
54 | alt="Free Software Foundation" | |
55 | src="../static/img/fsf-logo.png" /> | |
56 | </a></h3> | |
57 | ||
58 | <div class="fsf-emphasis"> | |
59 | ||
60 | <p>We want to translate this guide | |
61 | into more languages, and make a version for encryption on mobile | |
62 | devices. Please donate, and help people around the world take the first | |
63 | step towards protecting their privacy with free software.</p> | |
64 | ||
65 | </div> | |
66 | ||
67 | <p><a | |
68 | href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img | |
69 | alt="Donate" | |
70 | src="../static/img/en/donate.png" /></a></p> | |
71 | ||
72 | </div><!-- End #fsf-intro --> | |
73 | ||
74 | <!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ --> | |
75 | <div class="intro"> | |
76 | ||
77 | <p><a id="infographic" | |
62d92603 | 78 | href="infographic.html"><img |
a6ffc443 AE |
79 | src="../static/img/en/infographic-button.png" |
80 | alt="View & share our infographic →" /></a> | |
81 | Understanding and setting up email encryption sounds like a daunting task | |
82 | to many people. That's why helping your friends with GnuPG plays such an | |
83 | important role in helping spread encryption. Even if only one person shows | |
84 | up, that's still one more person using encryption who wasn't before. You have | |
85 | the power to help your friends keep their digital love letters private, and | |
86 | teach them about the importance of free software. If you use GnuPG to send and | |
87 | receive encrypted email, you're a perfect candidate for leading a workshop!</p> | |
88 | ||
89 | </div><!-- End .intro --> | |
90 | </div></header><!-- End #header --> | |
91 | ||
92 | <!-- ~~~~~~~~~ Section 1: Get your friends or community interested ~~~~~~~~~ | |
93 | --> | |
94 | <section style="padding-top: 0px;" class="row" id="section1"> | |
95 | <div style="padding-top: 0px;"> | |
96 | ||
97 | <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ --> | |
98 | <div class="section-intro"> | |
99 | <p style="margin-top: 0px;" class="image"><img | |
100 | src="../static/img/en/screenshots/workshop-section1-update.png" | |
101 | alt="A small workshop among friends" /></p> | |
102 | <h2><em>#1</em> Get your friends or community interested </h2> | |
103 | ||
104 | <p>If you hear friends grumbling about their lack of privacy, ask them if | |
105 | they're interested in attending a workshop on Email Self-Defense. If your | |
106 | friends don't grumble about privacy, they may need some convincing. You might | |
107 | even hear the classic "if you've got nothing to hide, you've got nothing to | |
108 | fear" argument against using encryption.</p> | |
109 | ||
110 | <p>Here are some talking points you can use to help explain why it's worth | |
111 | it to learn GnuPG. Mix and match whichever you think will make sense to | |
112 | your community:</p> | |
113 | ||
114 | </div><!-- End .section-intro --> | |
115 | <div id="step-aa" class="step"> | |
116 | <div class="sidebar"> | |
117 | <!-- Workshops image commented out from here, to be used above instead. | |
118 | ||
119 | <p><img id="workshops-image" | |
120 | src="../static/img/en/screenshots/workshop-section1.png" | |
121 | alt="Workshop icon"></p>--> | |
122 | </div><!-- /.sidebar --> | |
123 | <div class="main"> | |
124 | ||
125 | <h3>Strength in numbers</h3> | |
126 | ||
127 | <p>Each person who chooses to resist mass surveillance with encryption makes | |
128 | it easier for others to resist as well. People normalizing the use of strong | |
129 | encryption has multiple powerful effects: it means those who need privacy | |
130 | the most, like potential whistle-blowers and activists, are more likely to | |
131 | learn about encryption. More people using encryption for more things also | |
132 | makes it harder for surveillance systems to single out those that can't | |
133 | afford to be found, and shows solidarity with those people.</p> | |
134 | ||
135 | </div><!-- End .main --> | |
136 | <div class="main"> | |
137 | ||
138 | <h3>People you respect may already be using encryption</h3> | |
139 | ||
140 | <p>Many journalists, whistleblowers, activists, and researchers use GnuPG, | |
141 | so your friends might unknowingly have heard of a few people who use it | |
142 | already. You can search for "BEGIN PUBLIC KEY BLOCK" + keyword to help make | |
143 | a list of people and organizations who use GnuPG whom your community will | |
144 | likely recognize.</p> | |
145 | ||
146 | </div><!-- End .main --> | |
147 | <div class="main"> | |
148 | ||
149 | <h3>Respect your friends' privacy</h3> | |
150 | ||
151 | <p>There's no objective way to judge what constitutes privacy-sensitive | |
152 | correspondence. As such, it's better not to presume that just because you | |
153 | find an email you sent to a friend innocuous, your friend (or a surveillance | |
154 | agent, for that matter!) feels the same way. Show your friends respect by | |
155 | encrypting your correspondence with them.</p> | |
156 | ||
157 | </div><!-- End .main --> | |
158 | <div class="main"> | |
159 | ||
160 | <h3>Privacy technology is normal in the physical world</h3> | |
161 | ||
162 | <p>In the physical realm, we take window blinds, envelopes, and closed doors | |
163 | for granted as ways of protecting our privacy. Why should the digital realm | |
164 | be any different?</p> | |
165 | ||
166 | </div><!-- End .main --> | |
167 | <div class="main"> | |
168 | ||
169 | <h3>We shouldn't have to trust our email providers with our privacy</h3> | |
170 | ||
171 | <p>Some email providers are very trustworthy, but many have incentives not | |
172 | to protect your privacy and security. To be empowered digital citizens, | |
173 | we need to build our own security from the bottom up.</p> | |
174 | ||
175 | </div><!-- End .main --> | |
176 | </div><!-- End #step-aa .step --> | |
177 | </div></section><!-- End #section1 --> | |
178 | ||
179 | <!-- ~~~~~~~~~ Section 2: Plan The Workshop ~~~~~~~~~ --> | |
180 | <section class="row" id="section2"><div> | |
181 | ||
182 | <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ --> | |
183 | <div class="section-intro" style="border: none; padding-bottom: 0px; | |
184 | margin-bottom: 0px;"> | |
185 | ||
186 | <h2><em>#2</em> Plan The Workshop</h2> | |
187 | ||
188 | <p>Once you've got at least one interested friend, pick a date and start | |
189 | planning out the workshop. Tell participants to bring their computer and | |
190 | ID (for signing each other's keys). If you'd like to make it easy for the | |
191 | participants to use <a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">Diceware</a> for choosing passwords, get a pack of dice | |
192 | beforehand. Make sure the location you select has an easily accessible | |
193 | Internet connection, and make backup plans in case the connection stops | |
194 | working on the day of the workshop. Libraries, coffee shops, and community | |
195 | centers make great locations. Try to get all the participants to set up | |
196 | an email client based on Thunderbird before the event. Direct them to their | |
197 | email provider's IT department or help page if they run into errors.</p> | |
198 | ||
199 | <p>Estimate that the workshop will take at least forty minutes plus ten minutes | |
200 | for each participant. Plan extra time for questions and technical glitches.</p> | |
201 | ||
202 | <p>The success of the workshop requires understanding and catering to | |
203 | the unique backgrounds and needs of each group of participants. Workshops | |
204 | should stay small, so that each participant receives more individualized | |
205 | instruction. If more than a handful of people want to participate, keep the | |
206 | facilitator to participant ratio high by recruiting more facilitators, or by | |
207 | facilitating multiple workshops. Small workshops among friends work great!</p> | |
208 | ||
209 | </div><!-- End .section-intro --> | |
210 | </div></section><!-- End #section2 --> | |
211 | ||
212 | <!-- ~~~~~~~~~ Section 3: Follow The Guide ~~~~~~~~~ --> | |
213 | <section class="row" id="section3"><div> | |
214 | ||
215 | <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ --> | |
216 | <div class="section-intro" style="border: none; padding-bottom: 0px; | |
217 | margin-bottom: 0px;"> | |
218 | ||
219 | <h2><em>#3</em> Follow the guide as a group</h2> | |
220 | ||
221 | <p>Work through the Email Self-Defense guide a step at a time as a group. Talk | |
222 | about the steps in detail, but make sure not to overload the participants | |
223 | with minutia. Pitch the bulk of your instructions to the least tech-savvy | |
224 | participants. Make sure all the participants complete each step before the | |
225 | group moves on to the next one. Consider facilitating secondary workshops | |
226 | afterwards for people that had trouble grasping the concepts, or those that | |
227 | grasped them quickly and want to learn more.</p> | |
228 | ||
229 | <p>In <a href="index.html#section2">Section 2</a> of the guide, make | |
230 | sure the participants upload their keys to the same keyserver so that | |
231 | they can immediately download each other's keys later (sometimes | |
232 | there is a delay in synchronization between keyservers). During <a | |
233 | href="index.html#section3">Section 3</a>, give the participants the option to | |
234 | send test messages to each other instead of or as well as Edward. Similarly, | |
235 | in <a href="index.html#section4">Section 4</a>, encourage the participants | |
236 | to sign each other's keys. At the end, make sure to remind people to safely | |
237 | back up their revocation certificates.</p> | |
238 | ||
239 | </div><!-- End .section-intro --> | |
240 | </div></section> | |
241 | ||
242 | <!-- ~~~~~~~~~ Section 4: Explain the pitfalls ~~~~~~~~~ --> | |
243 | <section class="row" id="section4"><div> | |
244 | ||
245 | <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ --> | |
246 | <div class="section-intro" style="border: none; padding-bottom: 0px; | |
247 | margin-bottom: 0px;"> | |
248 | ||
249 | <h2><em>#4</em> Explain the pitfalls</h2> | |
250 | ||
251 | <p>Remind participants that encryption works only when it's explicitly used; | |
252 | they won't be able to send an encrypted email to someone who hasn't already | |
253 | set up encryption. Also remind participants to double-check the encryption icon | |
254 | before hitting send, and that subjects and timestamps are never encrypted.</p> | |
255 | ||
256 | <p> Explain the <a | |
257 | href="https://www.gnu.org/proprietary/proprietary.html">dangers | |
258 | of running a proprietary system</a> and | |
259 | advocate for free software, because without it, we can't <a | |
260 | href="https://www.fsf.org/bulletin/2013/fall/how-can-free-software-protect-us-from-surveillance">meaningfully | |
261 | resist invasions of our digital privacy and autonomy</a>.</p> | |
262 | ||
263 | </div><!-- End .section-intro --> | |
264 | </div></section><!-- End #section4 --> | |
265 | ||
266 | <!-- ~~~~~~~~~ Section 5: Explain The Pitfalls ~~~~~~~~~ --> | |
267 | <section id="section5" class="row"><div> | |
268 | ||
269 | <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ --> | |
270 | <div class="section-intro" style="border: none; padding-bottom: 0px; | |
271 | margin-bottom: 0px;"> | |
272 | ||
273 | <h2><em>#5</em> Share additional resources</h2> | |
274 | ||
275 | <p>GnuPG's advanced options are far too complex to teach in a single | |
276 | workshop. If participants want to know more, point out the advanced subsections | |
277 | in the guide and consider organizing another workshop. You can also share | |
278 | <a href="https://www.gnupg.org/documentation/index.html">GnuPG's</a> | |
279 | official documentation and mailing lists, and the <a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">Email Self-Defense feedback</a> page. Many GNU/Linux distribution's Web | |
280 | sites also contain a page explaining some of GnuPG's advanced features.</p> | |
281 | ||
282 | </div><!-- End .section-intro --> | |
283 | </div></section><!-- End #section5 --> | |
284 | ||
285 | <!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ --> | |
286 | <section class="row" id="section6"><div> | |
287 | ||
288 | <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ --> | |
289 | <div class="section-intro" style="border: none; padding-bottom: 0px; | |
290 | margin-bottom: 0px;"> | |
291 | ||
292 | <h2><em>#6</em> Follow up</h2> | |
293 | ||
294 | <p>Make sure everyone has shared email addresses and public key fingerprints | |
295 | before they leave. Encourage the participants to continue to gain GnuPG | |
296 | experience by emailing each other. Send them each an encrypted email one | |
297 | week after the event, reminding them to try adding their public key ID to | |
298 | places where they publicly list their email address.</p> | |
299 | ||
300 | <p>If you have any suggestions for improving this workshop guide, please | |
301 | let us know at <a href="mailto:campaigns@fsf.org">campaigns@fsf.org</a>.</p> | |
302 | ||
303 | </div><!-- End .section-intro --> | |
304 | </div></section><!-- End #section6 --> | |
305 | <!-- ~~~~~~~~~ Footer ~~~~~~~~~ --> | |
306 | <footer class="row" id="footer"><div> | |
307 | <div id="copyright"> | |
308 | ||
309 | <h4><a href="https://u.fsf.org/ys"><img | |
310 | alt="Free Software Foundation" | |
311 | src="../static/img/fsf-logo.png" /></a></h4> | |
312 | ||
313 | <p>Copyright © 2014-2021 <a | |
314 | href="https://u.fsf.org/ys">Free Software Foundation</a>, Inc. <a | |
315 | href="https://my.fsf.org/donate/privacypolicy.html">Privacy Policy</a>. Please | |
316 | support our work by <a href="https://u.fsf.org/yr">joining us as an associate | |
317 | member.</a></p> | |
318 | ||
319 | <p>The images on this page are under a <a | |
320 | href="https://creativecommons.org/licenses/by/4.0/">Creative Commons | |
321 | Attribution 4.0 license (or later version)</a>, and the rest of it is under | |
322 | a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons | |
323 | Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a | |
324 | href="https://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz"> | |
325 | source code of Edward reply bot</a> by Andrew Engelbrecht | |
326 | <andrew@engelbrecht.io> and Josh Drake <zamnedix@gnu.org>, | |
327 | available under the GNU Affero General Public License. <a | |
328 | href="https://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these | |
329 | licenses?</a></p> | |
330 | ||
331 | <p>Fonts used in the guide & infographic: <a | |
332 | href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> by Pablo | |
333 | Impallari, <a href="https://www.google.com/fonts/specimen/Signika">Signika</a> | |
334 | by Anna Giedryś, <a | |
335 | href="https://www.google.com/fonts/specimen/Archivo+Narrow">Archivo | |
336 | Narrow</a> by Omnibus-Type, <a | |
337 | href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a> | |
338 | by Florian Cramer.</p> | |
339 | ||
340 | <p>Download the <a href="emailselfdefense_source.zip">source package</a> | |
341 | for this guide, including fonts, image source files and the text of Edward's | |
342 | messages.</p> | |
343 | ||
344 | <p>This site uses the Weblabels standard for labeling <a | |
345 | href="https://www.fsf.org/campaigns/freejs">free JavaScript</a>. View | |
346 | the JavaScript <a href="https://weblabels.fsf.org/emailselfdefense.fsf.org/" | |
347 | rel="jslicense">source code and license information</a>.</p> | |
348 | ||
349 | </div><!-- /#copyright --> | |
350 | ||
351 | <p class="credits">Infographic and guide design by <a rel="external" | |
352 | href="https://jplusplus.org"><strong>Journalism++</strong><img | |
353 | src="../static/img/jplusplus.png" | |
354 | alt="Journalism++" /></a></p><!-- /.credits --> | |
355 | </div></footer><!-- End #footer --> | |
356 | ||
357 | <script type="text/javascript" | |
358 | src="../static/js/jquery-1.11.0.min.js"></script> | |
eec483e9 TG |
359 | <script type="text/javascript" |
360 | src="../static/js/scripts.js"></script> | |
a6ffc443 AE |
361 | <!-- Piwik --> |
362 | <script type="text/javascript"> | |
35d248c5 | 363 | // @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-2.0-or-later |
a6ffc443 AE |
364 | var _paq = _paq || []; |
365 | _paq.push(["trackPageView"]); | |
366 | _paq.push(["enableLinkTracking"]); | |
367 | ||
368 | (function() { | |
369 | var u = (("https:" == document.location.protocol) ? "https" : "http") + "://"+"piwik.fsf.org//"; | |
370 | _paq.push(["setTrackerUrl", u+"piwik.php"]); | |
371 | _paq.push(["setSiteId", "13"]); | |
372 | var d=document, g=d.createElement("script"), s=d.getElementsByTagName("script")[0]; g.type="text/javascript"; | |
373 | g.defer=true; g.async=true; g.src=u+"piwik.js"; s.parentNode.insertBefore(g,s); | |
374 | })(); | |
375 | // @license-end | |
376 | </script> | |
377 | <!-- End Piwik Code --> | |
378 | <!-- Piwik Image Tracker --> | |
379 | <noscript><img src="https://piwik.fsf.org//piwik.php?idsite=13&rec=1" style="border:0" alt="" /></noscript> | |
380 | <!-- End Piwik --> | |
381 | </body> | |
382 | </html> |