When I send emails or give my business card to people, I am continually asked: What's GPG ? What is this file in your mail ?
I am surprised that after Edward Snowden's disclosures about ongoing global surveillance by secretive American agencies (CIA, NSA…), and the overwhelming power these secret agencies have, there are still many people - most poeple, in fact ! - that don't know about GPG or personal privacy tools.
Yet, if you are already convinced or want to use GPG, you can bare jump to the corresponding article there :
- Part 1 : Is there any other way than using GPG ?
- Part 2 : Softwares installation
- Part 3 : a slice of theory and logical
- Part 4 : Create and export your keys
- Part 5 : Sign your mail
- Part 6 : Read and write encrypted mail
- Part 7 : Sign keys
- Part 8 : Sign files
- Part 9 : Encrypt files
- Part 10 : GPG Conf’
What I am going to tell you
Unlike the majority of tutorials over the web about GPG, I am going to teach you on an incremental way, so it's easier for you to understand.
My purpose in doing this is to ensure that you know what you need to know so that you’re well-prepared by the time you need to use GPG in practice.
If you aren’t well-prepared, it’s easy to make a mistake that renders the privacy GPG can offer you useless.
So, we’ll go one step at a time to make sure you understand the whole thing and to allow yourself to dive deeper at your own pace.
What's GPG ?
In the beginning, there was PGP
PGP stands for Pretty Good Privacy.
PGP is the original software, designed by Philip Zimmermann, whose goal was defending privacy, individual liberties and more largely democracy.
PGP is, first and foremost, a tool to encrypt, authenticate, and protect the contents of your email messages. This process uses a lot of high-level math, but don’t worry, because all of the math is done by the software itself.
Then the IETF (Internet Engineering Task Force) standardized PGP format, leading to OpenPGP which made possible for every email user to exchange encrypted emails with any other user, regardless of which email service, program, or provider they were actually using.
Finaly came GPG
This allowed free-softwares advocates and developers to write a software, GnuPG (the “GNU Privacy Guard”), reduced to GPG, which implement OpenPGP.
In other words : with OpenPGP, GnuPG and PGP users can write and send mail to each other without any problem.
Why would you want to use GPG ?
Are you in a couple ? Your partner send you hot pictures to make you horny, or you simply exchange hot talks you don't want anyone to read ?
You have a cooking competition and want to share your recipe for tarts with Bree Hodges, but not with Katherine Mayfair ?
You want to have your own business or are already working in a company and wish to discuss matters with your associates privately ?
You are a journalist and have to communicate with your sources in a safe way ?
This case is very special, because ideally, your sources need to feel confident that they can write to you in a way no one else can overhear even before they know you.
It is important to notice that this was Edward Snowden's case : he used PGP and asked his contacts to do the same to insure safe exchanges.
Some of these reasons seem shallow.
But if we have learned one thing from Desperate Housewives and people surrounding us, it's that no matter how shallow or stupid it may seem, someone might want to open your mail and will use any measures they can to do it !
But let's switch to something else. Ooooohhhh yeeesss …
Google, Yahoo and Microsoft (Live and Hotmail for example) all read your email to create a profile about you, a dossier used to target advertisements, and worse.
Do you remember the fappening ? The celebrities whose private, revealing photos have been stolen. Do you feel their reaction sane ? If so, why don't you value your own privacy the same ?
Good news eventhough, apparently GPG is still safe !
The thing you have to realize is that digital mail is not like sending a letter.
It’s more like sending a postcard. Anyone who looks can read the contents. They don’t have to open a sealed envelope to do it.
So you can think of GPG as the envelope inside of which you put the contents of your message. No more easy to read, intercept, or hijack postcards!
But, Doctor, is it painful ?
Let's say that encryption is not the easiest task on Earth. But I see no way or reason not to use it !
This is the reason I wrote this serie of articles; to familiarize you with GPG so that you, too, will see no reason not to use it.
In the following days, I will publish regularly articles aimed at gradually giving you the skill to master this privacy tool.
By providing you a permanent documentation, by teaching you, gradually, to discover OpenPGP, I hope to allow you to protect your privacy and the privacy of person's you love.
You will see that after some training, using these tools is actually pretty easy and you do it in a natural way.
What's next ?
Feel fine using it ? So come to read the next article !