GnuPG/Privacy

What is this for?

The issue of data privacy is increasing in importance. I don't like it when unauthorized people get access to my personal items; I doubt you like it either. And let's not forget the government. Much to the chagrin of those who believe in stripping people's identity and stealing their private thoughts, something can be done.

What can we do?

Use an encryption program like PGP, or, if you prefer open-source, free software (like I do), use GnuPG.

How does it work?

GnuPG/PGP uses public-key cryptography for encryption. If you want to send something to Joe Sixpack, you get his public key from a directory or from himself. The software then encrypts your e-mail using his public key. You can't run the process backwards using his public key to decode it; it can only be decrypted by his private key. This solves the problem with earlier encryption systems: that the same key is used for encryption and decryption. With this system, a user can put his public key out in the open for everybody to use.

This method can also be used to verify a signature. Say I send Joe Sixpack an e-mail and encrypt it with my private key. If my public key can then decrypt the message successfully, then Joe knows that I sent it, not somebody pretending to be me. Very nice.

Where do I get this beautiful thing?

GnuPG can be found at http://www.gnupg.org/. It is a command-line utility, so there are several graphical front ends available for those who want a little more GUI action. Windows users can try out WinPT. Both are free

PGP can be found at http://www.pgp.com/.

Now what?

Now that you have GnuPG/PGP, you need my public key. Keys are in simple .txt format, so all you need to do is cut and paste in order to import the key onto your keyring. My latest key is Key ID 0x52AE6AB0, below. This email address is being protected from spambots. You need JavaScript enabled to view it. me if you would like me to give the fingerprint by voice.

This key should be on most, if not all, available PGP keyservers by searching for my name or e-mail address.

Note: Several of my previous keys have been revoked, have expired, or are no longer in use. This includes Key IDs: 0x40696B40, 0xCB2E8E97, 0xAC053980, 0x410CCD71, and most recently, 0xEE915B05. Do not use these keys.

That's it. Enjoy.

 

Who's Online

We have 70 guests and no members online