@JAC no problems.
Using PGP encryption for email
-
Hi,
I wonder about othersā opinions about PGP (Pretty Good Privacy) encryption in email inboxes. Or if others are concerned about the privacy of their email inboxes.
I recently learned that emails are not meant to be confidential or encrypted. At least, during its inception. However, since many email servers/providers are trying to sell āusā as a product, and additionally governmental surveillance programs are increasing day by day, I am more and more interested in encryption for my email inboxes. I am not interested in targeted ads or promotions.
So the main aim is to decrease the amount of my data to be circulated between marketing companies.
I wonder if this is a concern for others and how they solved these problems.
-
undefined crazycells marked this topic as a regular topic on
-
@crazycells great topic. PGP has been around for years, and itās predecessor (if memory serves me correctly) was World Secure. As Iāve said countless times to many people, email is not a secure transport by default, therefore, unless youāve taken steps to secure (encrypt) the traffic stream, you should not expect any level of privacy.
PGP works well but requires Public Key Encryption in order to work. Using symmetric and asymmetric algorithms plus an array of proxying, there are no known ways of breaking it. However, PGP itself was acquired some time ago by Symantec, so if you want to go the truly open source (FOSS) route, youāll need OpenPGP.
The huge advantage of PGP is itās ability to send a message without needing to share any form of keys, so if youāve never met the recipient, you can still send a message and have it completely secured in transit.
Being the huge privacy advocate that I am, Iām a big supporter of anything like this.
As a final note, Proton Mail is well worth a look, and with a paid subscription, you can incorporate your own domain email.
Author of OGProxy, Swatch, Threaded, Card, and most of Sudonix's bugsā¦
-
@phenomlab Yes. As you pointed out, I was talking about OpenPGP
Additionally, Proton Mail is one of the services I use.After Robinhood and T-mobile data breaches in the US, unfortunately, my āgoodā email addresses are out there in the dark web. So, I was researching how I can re-structure my email inboxes, and several months ago I encountered with Simple Login app. It is an open-source project too. Have you heard of them? It is an email relay service with alias either in random or custom domains. And you can create unlimited alias and disable them very easily after they are breached.
I actually bought the premium version 1 month ago and last week Simple Login company is bought by Proton Mail, so I believe this application will be around for a much longer time. It natively supports OpenPGP just like Proton Mail. I have already added my custom domains there for email.
I was thinking maybe I can add these public PGP keys in Simple Login and open the emails with private PGP keys on my computer (I guess with Thunderbird? since it supports OpenPGP natively). So, emails are never read by the email servers.
I wonder your opinion about this strategy. This will require to trust Simple Login servers, but I trust them more than I trust Gmail, Outlook, or GMX Servers
-
@crazycells said in Using PGP encryption for email:
Have you heard of them?
I havenāt to be honest, but will certainly be taking a look
@crazycells said in Using PGP encryption for email:
I was thinking maybe I can add these public PGP keys in Simple Login and open the emails with private PGP keys on my computer (I guess with Thunderbird?
Yes, I see no reason as to why not.
@crazycells said in Using PGP encryption for email:
I wonder your opinion about this strategy.
Definitely a step in the right direction, and Iām certainly interested in terms of progress.
Author of OGProxy, Swatch, Threaded, Card, and most of Sudonix's bugsā¦
-
@phenomlab said in Using PGP encryption for email:
Definitely a step in the right direction, and Iām certainly interested in terms of progress.
Until I master PGP encryptions, I am only trying this using my outlook account. I added the Public PGP key to the simple login server and the Private PGP key to the Thunderbird app, and it works great so far.
When I log in to the outlook web version, I cannot see any content of the email but encrypted files at the attachment, but when I open Thunderbird I can see the full email with no problem.
Of course, the ideal situation would be encryption from one end to another; but I am happy with this method too
at least none of the emails can be scanned in Gmail or Microsoft servers. I trust the Simple Login server more than I trust Gmail/Outlookā¦I will update you about the progress.
-
@crazycells for webmail, youād need to install and configure PGP there for that to work. Without it, the messages will be encrypted and unreadable
Author of OGProxy, Swatch, Threaded, Card, and most of Sudonix's bugsā¦
-
@phenomlab said in Using PGP encryption for email:
@crazycells for webmail, youād need to install and configure PGP there for that to work. Without it, the messages will be encrypted and unreadable
I think the web version can stay like this. I do not mind this since I can reach emails from Thunderbird on my Desktop.
Do you know how can I reach these encrypted emails from my phone (for Gmail and Outlook accounts)? I know protonmail is natively supporting PGP, so their app should be OK.
-
@crazycells using Proton Mail is probably going to be the easiest I think. I know extensions exist for browsers in terms of PGP but I donāt think they work on phones.
-
@crazycells have you seen this ?
https://gnupg.org/Author of OGProxy, Swatch, Threaded, Card, and most of Sudonix's bugsā¦
-
@phenomlab said in Using PGP encryption for email:
@crazycells have you seen this ?
https://gnupg.org/nope, I will check this out. I hope it is not an app that I have to copy-paste the text into it to decryption
Additionally, I have found this PGP-friendly email client for mobile:
I have not tried it yet though. I will update you after tryingā¦
-
@crazycells looks really nice. Will check that out
EDIT: Just had a quick look at this application, and it seems to take it upon itself to install the pro trial (see screenshot) which basically means you get used to all of the features then have them redacted if you choose to take the free version. This feels a little bit on the sneaky side to me
Iāve uninstalled based on this. The reviews arenāt that great either - although there are not really enough to base a decision on.
Author of OGProxy, Swatch, Threaded, Card, and most of Sudonix's bugsā¦
-
@phenomlab thanks for pointing this out. I will look for alternatives.
-
@crazycells You might want to have a look at Fair Email - itās one I use because it respects privacy - plus, if you want the pro version, itās much cheaper.
https://email.faircode.eu/Author of OGProxy, Swatch, Threaded, Card, and most of Sudonix's bugsā¦
-
@phenomlab I think this is not available for IOS, I could not find it in App Store.
-
@crazycells Mmmm - yes, sadly, it is only Android (which I use). There are alternatives, but not sure what they are like
https://www.topbestalternatives.com/fairemail/ios/
Related Topics
-
Best email provider?
Solved Privacy -
-
-
-
-
-
-