It’s time to download and use the tor browser again, and some e-mail encryption apps. Welcome to the police-state of the federations of Canada a.k.a. 1984.
Tag: e-mail
How to digitally sign an e-mail
Written by Eric Bright
Last update on August 29, 2013
2nd updated on August 25, 2011
First published on Feb 3, 2009
[UPDATE: This solution would not work with Gmail any longer, because the Firefox add-on that I was using at the time is not supported any more. Read the instructions for the updated method of signing your email here.]
Requirements:
- Operating systems: Win XP, Vista, or 7
- Softwares: GnuPG, Firefox, FireGPG (it’s a Firefox add-on), GPGshell
- A gmail account
- Enough time
- Go to Tools > Add-ons > Get add-ons
- Search this: FireGPG [UPDATE: this extension is discontinued. It will not work with Gmail any more because the Gmail support is removed from the extension. Here is the blog-post explaining the discontinuation.]
- When the add-on is found, install it [UPDATE: the add-on (or extension) is not available on Firefox Add-on web site any more. You can get it from here though.]
- Download GnuPG from here
- Install what you have downloaded (the package contains GnuPG: 2.0.17 and several other applications. You only need GnuPG)
- Restart your Firefox
- Go to Tools > Add-ons > Extensions
- Browse down to find FireGPG and then click on Options
- You will probably get the following message: Error : FireGPG is unable to access the gpg executable. Make sure GPG is installed or specify the path in the preferences.
- Click on Ok
- Go to the GPG tab
- Put a check mark next to Specify the path of GPG
- Click on the Browse button and browse to the folder you just installed your GPG into. It is usually in the following location by default: C:\Program files\GNU\GnuPG\gpg.exe (note: in a 64bit Windows, it would be installed in C:\Program Files (x86)\GNU\GnuPG\gpg.exe) Select it and press Open
- Now you are back to the FireGPG Preferences dialog box. Click on Ok
- Close Add-ons
- Now you need to make secure keys to sign your e-mails so NO one can forge your emails any more. Here is how to make new keys and how to use them:
- Download this GPGshell from here: http://www.jumaros.de/rsoft/index.html
- Now you should have a file with this name gpgsh377.zip on your desktop (or wherever the downloaded file is put automatically.) Unzip and install GPGshell
- When you are asked if you “want to use blah blah blah for the GPGshell-HomeDir†say Yes
- Now you need to set-up your computer’s Environmental Variables’ PATH. To do so, Right-click on My Computer (or on Computer if you use Vista) and select Properties
- Click on the Advanced tab (“Advanced System Settings†and then “Advanced” tab under Windows 7)
- Click on the Environmental Variables
- Then browse down in the System Variables list-box and find PATH
- Press the Edit button
- In the Variable Value field, add the following C:\program files\GUN\GnuPG and make sure that it is separated from the next entry by a semicolon (or if you added it to the end of the string, it should be separated from the last item by a semicolon that looks like. (Note: it would be C:\Program Files (x86)\GNU\GnuPG if you are using a 64 bit system)
- Press Ok, three times I guess
- If you are on a Win XP machine, you need to restart now for the changes to take effect. Vista/Win7 does not need a restart
- Now, open Start > GPGshell > GPGkeys
- It’s the first time you are running this application, so you might not have a pair of keys. Then the program asks you to “create your own key now”. Say Yes
- GPGkeys’ Key Generation dialogue box will open up. In the User ID section, fill in the Name, Comment, and your E-mail that you are going to use. Example: Name: Andi Ramfield Comment: My first key ring E-mail: [email protected]
- Now click on the Generate button
- A command-line window pups up. After it finishes its work, you will get a dialog box asking you to protect your key by a passphrase. Click on Yes
- A new command-line window comes up again. Now enter your passphraes (like a password, but can be much longer). Example: AnDi-RaMfIeLd-7531. You should repeat it one more time to confirm the passphrase
- Now the GPGkeys main window comes up. You are done with making a pair of Public key and Private key. You keep the Private key in a safe, and give the Public key to others. You should send me one copy of the Public key that you just created. To do that, in the GPGkey window, right-click on the key you just created. Then select Export. Put it on your desktop. The key that you export has to have pub.asc at the end of its name. That means that it is a public key, not your private key
- Now log-in into your Gmail e-mail account (or Yahoo or Hotmail or whatever). Go to Compose Mail and write something
- Select the text you wrote
- You will see several buttons added to your tool-bar. One is Clear sign. Click on that button while the text in the compose area is still selected
- FireGPG -private key window will pop up. Select the key you created and click on Ok
- You will be asked to enter your passphrase. Enter it and bang! You have your text digitally signed
- But for me to be able to verify your signature, you should attach your public key that you Exported on your desktop. So attach it to the email that you signed (you need to do it once and I will have it on my computer for as long as it is not expired)
- Ok! Now, you signed the text, and attached your public key. When I get your e-mail, I download your attached public key too, install it on my computer, and will be able to Verify your signature later
That’s it!
The good thing is that I can send you Encrypted e-mails as long as I have your un-expired public key and no one on earth, not even me, can open it [possibly for a long time]. To open it, one has to have your Private key. The Firefox’s add-on, i.e. FireGPG, will decrypt the received encrypted text if it still has your Private key.