Worried about the U.S. government spying on you? Facebook, Google, Microsoft — and criminals — could be spying on you, too.
Internet service providers and others can and do view personal email. Here’s how to securely send private information.
Widespread third-party access to personal email
Email is an open book. Between sender and recipient, messages pass through and are stored on numerous online servers — and some of those servers have eyeballs. If you’re using a free email service such as Gmail or Outlook.com, the company providing that service almost certainly scans your mail for antivirus purposes — and often to better target advertising. (A CNNMoney story describes a Microsoft/Google spat over what constitutes “scanning.”)
Moreover, the U.S. National Security Agency (NSA) not only scoops up mobile-phone metadata but reportedly has copies of everyone’s email. And cyber criminals have their own ways of snagging email in search of credit-card numbers and other bits of information they can use to steal your identity and money.
The obvious solution to keeping your messages private is encrypting them — a process that’s far from easy. The various recipients must have the ability and technical know-how to decrypt your messages.
On the other hand, simple solutions have their own particular weaknesses. For example, I know an accountant who emails sensitive material as password-protected PDFs. The message accompanying the file informs the recipient that the PDF’s password is the last four digits of their Social Security number. But according to the How Secure is My Password website, a desktop PC can hack a four-digit number in less than an eye-blink.
Here are three ways to send encrypted email that are both secure and relatively easy to implement. Hopefully, the person you’re sharing information with can handle one of them.
Solution 1: Send an encrypted ZIP file
Nearly all PC users are familiar with .zip archive files. Significantly fewer .zip users are aware that these files can be password-protected. Done right, it’s a reasonably easy and quite secure way to pass along information.
Again, if you do it right.
First, you have to know what type of encryption you should use. The .zip format has its own password protection, but it’s easily hacked. Fortunately, ZIP also supports strong AES-256 encryption (more info), and that’s the one to use.
Windows, too, has native support for zipping and unzipping files — but not with AES-level encryption. However, most third-party compression programs, including WinZip (website) and the free 7-Zip (see Figure 1; website), do. Just make sure you pick the correct encryption method whenever zipping a file.
Figure 1. 7-Zip offers strong AES-256 encryption.
Next, no encryption method is secure without a strong password. As my accountant’s story makes clear, the password is often the weak link. You need a password you can share with the recipient but that no one else can guess.
If you know the person well enough, you could send them clues — preferably in a separate email. “It’s the name of the dog you grew up with, followed by your first boyfriend’s last name, ending in the year your ice-skating team won the championship.” (Good luck with that!)
More practically, you can simply text the recipient the password via cellphone. (It’s unlikely that anyone short of the NSA will intercept an Internet-based email and a cellphone-based text and figure out that they go together.) Or call them up and give them the password verbally. (But remind them it’s best not to leave it on a Post-it note stuck to their monitor.)
Solution 2: A plug-in, email-encryption app
Most email users don’t know that there’s an open standard for encrypted email that doesn’t require sharing passwords with anybody. If the technology were integrated into everyone’s mail client, sending and receiving encrypted mail would be no challenge at all.
Why isn’t it integrated into all mail clients? I suspect because email service providers and others want to continue scanning your mail for useful information about you.
Based on the Pretty Good Privacy (PGP) technology, OpenPGP (site) uses public-key/private-key encryption. Each key is a long string of seemingly pointless text. The public key only encrypts; you can safely share this with everybody. The private key only decrypts; you don’t share it with anybody.
Let’s assume I want to send you some private information — like the real identity of Luke Skywalker’s father. First, you’d email me your public key. Using that, I’d encrypt my message and then send it to you. Even if the Galactic Empire intercepts both components of the message — the public key and the encrypted mail — it still can’t read what I sent to you. But, thanks to your private key, you can.
Most mail clients don’t include OpenPGP, but it’s relatively easy to add. For example, the Chrome plug-in Mailvelope (Chrome Web store; Mailvelope site) gives several Web-based mail services OpenPGP support. I’ve tested it successfully with Gmail, Yahoo, and Outlook.com. It works, and it makes an excellent choice when sending lots of sensitive messages to a few tech-savvy folks.
But before downloading that OpenPGP plugin, take note of its limitations. For example, it currently supports only straight text. Until that shortcoming is fixed, you can’t use it to send attached files.
You must use Mailvelope in Google Chrome; there’s currently no support for Internet Explorer, but a Firefox version is in development. (An early preview is available.)
It’s also a bit complicated to set up and use. Here’s how you typically do it for a Web-based email client:
Download and install the plugin; a new Mailvelope icon will appear in your browser’s toolbar.
Click the Mailvelope icon and select Options. In the left pane, click Generate Key.
Figure 2. Mailvelope Options
Fill in the form. The passphrase should be a conventional password — something you can remember or store in a password manager and which others can’t guess.
Click Submit when done. (If you get a “Generation Error,” try again.)
Figure 3. Generate public/private encryption keys.
In the left pane, click Display Keys. If a key isn’t visible, reload the page.
Figure 4. Display public key
Select the key and click the Export button. Select how you want to share your public key, and then share it with anyone who might want to send you secure information.
Figure 5. Exporting the public key
The next time you compose an email, you’ll notice a new icon in the upper-right corner. We’ll get to that shortly.
When you receive someone’s public key:
Copy the public key, then click the Mailvelope icon and select Options.
Click Import Keys and follow the prompts.
To send a secure message:
Open a new-message entry form in the usual way.
Click the Mailvelope icon in the upper-right corner of the message’s body-text window.
Figure 6. Mailvelope's text-entry icon (highlighted in yellow) in Gmail
Type or paste your private information into the popup window.
Click the padlock icon in the upper-right corner.
In the resulting dialog box, select the appropriate recipient from the pull-down menu, then click the Add button. The recipient will appear in the “Encrypt for” box. Click OK.
Figure 7. Enter recipient.
Click Transfer, then send the message the usual way.
To read a message:
Open the message. An icon of an envelope with a padlock will appear. Click it. (The mouse pointer will turn into a key icon.)
Figure 8. Opening encrypted mail
Enter the password you used when generating your key. The secret message will appear in a box.
Figure 9. Entering the decryption key to read the message
With a bit of practice, you should be able to secure and unencrypt your Mailvelope mail relatively quickly.
Solution 3: Sendinc’s online mail service
If you need secure communications only occasionally, or if your recipient knows little more than how to open an email or sign in to a website, try a solution that doesn’t require any special software or setups.
The Web-based service Sendinc (site) lets you simply and securely send and receive messages and files. You sign in with your email address and a password (and yes, it should be a strong one), enter the recipient’s email address, write a message, and attach files (see Figure 10). Sendinc emails a notice to the recipient, who follows the link, enters their own Sendinc password, and gets access to your sensitive information.
Figure 10. Sendinc's secure email-entry form
If the recipient doesn’t have a Sendinc account, they’ll have to sign up for one to see your message. Free accounts have limitations — for instance, you can’t send messages larger than 10MB (but you can receive them). A Sendinc webpage lets you compare the service’s free and paid versions.
How secure is Sendinc? According to the company’s website, your message is uploaded via SSL encryption and each message generates a unique encryption key that Sendinc destroys after sending it to the recipient. Messages stay on Sendinc’s servers, in encrypted form, for seven days (a default that can be changed with the paid version). You’ll find more details on the How Sendinc works page.
Coming attractions: StartMail’s email system
The preliminary information on StartMail (site) looks interesting. The service — not yet even in beta when I wrote this — claims to be “The world’s most private email”: sort of a Gmail with privacy.
According to a company representative, email will remain encrypted on StartMail servers and can’t be accessed by company employees. Sending secure messages between StartMail accounts will be transparent to users; send a secure message to someone using another service, and StartMail will find a way to forward it securely — such as by using OpenPGP.
StartMail won’t be free, but it should be inexpensive. Currently, the company is planning for fees of U.S. $5 to $7 per month.
Will it be worth the money? I’ll tell you when it becomes available and I’ve had a chance to try it.