In view of the NSA brouhaha, I’ve been thinking about encrypted email as a first step in keeping my private business private. Like most of you, I’m the proverbial “nothing to hide” netizen but I also have an instinctive dislike (to put it mildly) of others snooping into my business, as innocent and boring as it is.
Sadly, this is a difficult problem. I have long had the necessary software installed and I routinely sign all my email. That’s the easy part. The hard part is getting everyone else to get, use, and publish their own PGP key. If folks would do that, email would be a reasonably secure communication medium. The problem is that Aunt Millie (1) doesn’t see the point, and (2) finds even the simple PGP procedures too difficult to understand.
Still, I’d like to do something to encourage greater PGP use. If you don’t already have a published key, get one and use it whenever you can. If you’re not sure how to get started—that seems unlikely for Irreal readers—here’s some instructions on installing PGP for Windows, Linux, and Mac OS X. It’s very easy to install PGP on any of these OS so there’s really no reason not to. I urge you to do so if you haven’t already and to start using it.
There are many benefits aside from ameliorating our paranoia. Imagine that your bank digitally signed their emails to you. That, alone, would cripple the phishing of banking credentials. Imagine that everyone signed their emails. That would essentially end phishing altogether and end the particularly nasty spammer tactic of stealing address books and forging one of your friend’s email from address for sending you spam or malware.
If you’ve got any ideas on how to encourage greater PGP use or ways that that greater use could benefit us, please leave a comment. As things stand now, we’re getting hit by criminals on the one side and the government on the other (insert your own snark here).