How to send secure messages and encrypted e-mails
19 December 2017 | 0
Where there’s a method there’s a hack. While we’re sending more messages than ever, that means there are plenty of opportunities for cybercriminals to exploit your personal communications. Here are some pointers on protecting yourself.
How to send secure e-mails
To properly secure e-mail messages you need to encrypt two things: the connection from your e-mail provider, and the e-mail itself. The first stops messages being probed as they send, encrypting the e-mail itself means that any intercept will be foiled.
First we’ll secure the connection between your e-mail provider and your computer. You need to set up Secure Socket Layer (SSL) and Transport Layer Security (TLS) encryption.
If you use the Internet to check your e-mail check that SSL/TLS encryption is active. If it is, the website address (URL) will begin with https instead of http. If you don’t see an ‘https’ address type an s at the end of the ‘http’ and press Enter. This will usually prompt your email provider to encrypt your connection.
If you use a desktop e-mail client such as Outlook or Thunderbird, or a smartphone or tablet with an e-mail app, encryption is harder to verify or to set up. Open up the app or software and navigate to the settings menu. Then in the advanced settings near where you can specify the port numbers for incoming and outgoing connections look for an option to activate encryption.
Now we will encrypt individual e-mail messages during transit. This is a lot more involved and will mean both you and your e-mail recipient must do some work ahead of time. It’s probably best to save this for extreme circumstances.
Fortunately you can usually use the built-in encryption features provided by your e-mail service. Failing that you can download encryption software or client add-ons. And if all else fails you can use a Web-based encryption e-mail service such as Sendinc or JumbleMe.
Message encryption protocols such as S/MIM and OpenPGP require you to install a security certificate on your computer. You then give trusted contacts a string of characters to use as a key before they can send or receive an encrypted message with you. Likewise, the intended recipients of your encrypted message must install a security certificate on their computer and give you their public key in advance.
Support for the S/MIME standard is built into many e-mail clients, including Microsoft Outlook and Thunderbird. If you use webmail browser add-ons such as Gmail S/MIME for Firefox do the job. To get started, you need to apply for a security certificate from a company such as Comodo.
The OpenPGP (Pretty Good Privacy) email encryption standard has a few variants, including PGP and GNU Privacy Guard (GnuPG). You can find free and commercial software and add-ons, such as Gpg4win or PGP Desktop Email, that support the OpenPGP type of encryption.
Using IM instead e-mail
We are, however, using e-mail less. Instant messaging has become incredibly popular with apps such as WhatsApp offering a free way to send messages across the Web. Unfortunately, not all of them keep your messages encrypted. Fortunately, the most popular one around (Whatsapp) does.
It’ll let you send messages to friends and family worldwide using end-to-end encryption, keeping them secure. The only downside? Whatsapp is owned by Facebook, a notoriously data-hungry corporation, and while it insists it doesn’t (and can’t) read users messages, some people are understandably not convinced.
Luckily there are a number of other encrypted messaging apps around that will do just as good a job without any involvement from Mark Zuckerberg.
Depending on your needs, one option is goTenna Mesh. These portable devices are designed primarily for areas with poor signal, and let you create a mini mesh network to communicate, but use end-to-end encryption on all messages – with no backdoor access, according to the creators.
Sold in packs of two, four or eight, you simply pair each goTenna to a phone over Bluetooth and can then send encrypted messages (though not voice calls) between devices as long as they’re in range – up to four miles in open terrain, and half a mile or so in busier urban environments. You can also use the devices to create a relay, extending the range with each one.
Obviously this won’t be the ideal solution for everyone, but it could be perfect for people who want to reliably and securely contact friends and family who live near them – or anyone hoping to plan for a visit to a low-signal area, such as a hiking trip or festival weekend. You can buy a pack directly from goTenna.
IDG News Service