How to encrypt emails under Linux?

  

Now that the network is becoming more and more insecure, many people choose encryption to prevent leaks. How do emails be encrypted? The following small series will introduce you to the method of encrypting e-mail under the Linux system, let's learn together.

Picking up a lot of mail services and mail clients must be a headache. Two encryption methods can be considered: SSL or TLS encryption protects the login and password sent to the mail server. Gunpg is a standard, powerful Linux encryption tool that encrypts and authenticates messages. If you can manage your own GPG encryption and don't consider third-party tools, then that's enough, and we'll discuss that later.

Even if the message is encrypted, you will still be exposed to traffic analysis because the message header must be in plain text. So you need another model such as Tor network to hide your footprint on the Internet. We will look at various mail services and clients, as well as the pros and cons.

Forget Web Mail

If you have used GMail, Yahoo, Hotmail or other webmail provider mail services, forget about them. Any information you enter in a web browser will be exposed to JavaScript attacks, and no matter what protection the service provider provides, it's a rush. (Translator's Note: Is this saying reliable?). GMail, Yahoo and Hotmail both provide SSL/TLS encryption to prevent messages from being eavesdropped. But they don't provide any protection against their own data mining, so they don't provide end-to-end encryption. Both Yahoo and Google claim that end-to-end encryption will be introduced next year. I am skeptical about this, because if their core business data mining is intervened, they can't do anything.

There are also a variety of third-party mail encryption services that claim to provide secure encryption for all types of email, such as Virtru and SafeMess. I still doubt this, because whoever holds the encryption key can access your message, so you still have to rely on trust rather than technology.

Peer-to-peer messages can avoid many of the pitfalls of using centralized services. RetroShare and Bitmessage are two popular examples. I don't know if they are true, but there is definitely something to be said about it.

What about Anddroid and iOS? Assuming most Android and iOS apps don't have permission to get your message, that's the safest. Don't copy what I said -- trouble reading the relevant terms of service and checking the required permissions when the app is about to be installed on your device. Even if their terms are acceptable at the initial installation, remember that the unilateral terms change is the industry standard, so the worst is the safest.

Zero Knowledge

Proton Mail is a brand new mail service that claims to use zero knowledge to encrypt messages. Authentication and message encryption are divided into two separate steps. Proton follows the Swiss privacy policy and they do not log user activity. Zero knowledge encryption provides true security. This means that only you have your encryption key, and if you lose them, your message will not be recovered.

There are also many encrypted email services that claim to protect your privacy. Read the rules carefully to see the red marked places, such as limited user data collection, sharing with friends, and cooperation with law enforcement agencies. These terms imply that they collect and share user data, have access to your encryption key, and read your message.

Linux Mail Client

An independent open source mail client, such as Mutt, Claws, Evolution, Sylpheed and Alpine, can build your own controlled GnuPG key, giving you a big Partial protection. (The easiest way to create more secure email and web browsing is to run the Linux distribution of TAILS live. See the Protect yourself online by Tor, TAILS and Debian.)

Whatever you are using TAILS is also a standard Linux distribution. The way to manage GnuPG is the same, so let's learn how to use GnuPG to encrypt messages.

Using GnuPG

First, familiarize yourself with the related terms. OpenPGP is an open email encryption and authentication protocol based on Philip · Zimmerman's Pretty Good Privacy (PGP). GNU Privacy Guard (GnuPG or GPG) is the GPL implementation of OpenPGP. GnuPG uses a symmetric public key encryption algorithm, which means that a pair of keys is generated: a public key that anyone can use to encrypt the message sent to you and a private key that you only have to decrypt the message. GnuPG performs two separate functions: digitizing the signed message to prove that the message comes from you and the encrypted message. Anyone can read your digitally signed message, but only those who exchange keys with you can read the encrypted message. Remember not to share your key with others! Only public keys can be shared.

Seahorse is the GNOME graphical front end for GnuPG, and KGpg is the KDE graphical GnuPG tool.
Previous12Next Total 2 Pages

Copyright © Windows knowledge All Rights Reserved