Securing e-mail, Part 3
The first step to encrypting your e-mails is to download and install the free Windows Privacy Tools– WinPT (Mac users will go directly to GPG and download the Mac version). The WinPT download can be found here.
Click the download link, and when the Download window opens select the option to Save (save to disk), and choose a location, such as your Desktop. When the download
is completed, find the (new) winpt-install icon, and double-click on it, and choose “Run. This will start the Install wizard.
**Please don’t do this until you have read Part 4.
Make sure the Install language is English, and click “OK”. A “welcome” screen will show that the installer package is ready: click the “Next” button… and “Agree” to the EULA.
Accepting the defaults (by clicking “Next”) as you go through the wizard is recommended. Make sure the Options screen looks like this..
which it should, by default. Do the same with the Additional Tasks, and click “Install”.
When it has finished the Install process..
Click the “Finish” button.
WinPT is now installed, as well as the Outlook Express plug-in, and you now have a graphical interface with GPG.
Okay, we’re done for today. Tomorrow, I will demonstrate how to generate your key pair, and “export” your public key so that you can send it to folks.
In the meantime, I highly recommend navigating to the WinPT folder and looking at the WinPT “owner’s manual” PDF file. (By accepting the defaults during the Install, you will find this folder in C:\Program Files\Windows Privacy Tools\Docs.)
Click here to read Part 4.
Copyright 2007-8 © Tech Paul. All rights reserved.
| Share this post : |  |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Encrypt your e-mail for privacy+security, Part 2
While e-mail is wonderfully efficient and fast (not to mention, free), it is not a terribly private nor secure communications medium. As I mentioned in the introduction to this series, Who’s reading your e-mail?, e-mail is transmitted in very-easy-to-open plain text (or HTML), travels through many different devices, and sometimes gets mis-delivered, or lost.. or ‘stolen’.
There are times when the material we need to communicate to someone else could really hurt us if the wrong eyes saw it. Some things should remain “confidential” (For Your Eyes Only) or/and private (Top Secret). These subjects may be your account numbers, business plans, bids or cost-estimates, love letters, travel plans, and whatnot. Unencrypted e-mail is really not the way to transmit these things.
Tip of the day: Encrypt your private communications. This series of articles will tell you how to implement a free method of encrypting your e-mail messages using GPG.
(For those readers who took my advice in yesterday’s article and looked at the description of Public-key cryptography on Wikipedia, this next will be review…) GPG uses “keys” to encrypt and decrypt files, as do most such tools. The problem with encrypting communications is — how do you give a copy of the key (so they can ‘unlock’ the file you have ‘locked’) to the person you’re sending to?
This dilemma is solved with the concept of key pairs– we are going to use GPG to generate a key pair: a “public” key, which we can send to anyone we like (or publish, for all to see), and one “private” (aka “secret”) key. It will take both keys for the system to work. (As the name implies, it is rather important to keep your private key to yourself… and to store a copy in a safe location.)
The way it works is:
1) you will encrypt your file/letter using your private key. Which you then Send to your intended recipient.
2) Your recipient uses you public key to decrypt and read your letter/file.
When your correspondent wants to send you a reply:
1) they encrypt it using your public key, and..
2) you decrypt the reply with your private key.
It takes both keys to work, and only you will have the private key.
The tool we are going to use, GPG (as part of WinPT [Windows Privacy Tools]), is quite flexible and adept, but works best (at encrypting e-mail) as a “plug-in” for your e-mail client (Outlook, Thunderbird, Outlook Express, ie.)
and your ‘private’ e-mail accounts.. such as the account your are provided with by your ISP.
(I will, also, demonstrate how it can used with browser accessed “web mail” accounts, such as the free services like Hotmail, Gmail, and Yahoo Mail.)
Those of you already using a client to access and mange your e-mail accounts will simply have to download GPG (Apple) or WinPT (and the appropriate plug-in) and install it, generate a key pair, and send your public key to those folks you want private correspondence with. Once that’s done you will be able to either automatically encrypt your e-mails (and their attachments), or right-click >encrypt.
WinPT comes with a built-in Outlook Express plug-in; and GPG offers plug-ins for the popular e-mail clients, and some of the less-popular clients too, such as Apple Mail and Eudora. For a complete list of compatible e-mail clients, click here.
For those of you who typically log into your e-mail via a web browser (IE, Firefox, etc.), I believe that in the long run — if you want to encrypt your mail — you will find it easier to get into the habit of using a client instead. I will be using Outlook Express for my demonstration (since all Windows machines come with it), but for everyday use I recommend using today’s free link.
To skip to Part 3, click here.
Today’s free link: I have posted this free tool before, but since it is so in-step with our topic (and it’s a darned-good program to boot) I will repost it. Thunderbird 2, from Mozilla. Access and manage various accounts from one place, and get great spam filtering.
Copyright © 2007-8 Tech Paul. All rights reserved.
| Share this post : | |
|
|
|
|
|
|
|
|
|
 |
|
Coming to a theater near you
I have, today, the opportunity to “network” with a pioneer in field of computers which will require me to do some travelling. So, I will not have time to write Part 2 of the ‘encrypt your e-mail’ series today– you will have to wait until tomorrow (sorry).
For those of you who like to read ahead, and be prepared for class, I am going to be discussing the method of securing communications called “Public-key cryptography“, and by clicking the link you can read the very good description of what this is and how it works posted on Wikipedia.
You may also want to read about PGP (Pretty Good Privacy), a cryptography tool that was not only one of the first, but is sort of the Gold Standard of privacy tools available to the public.
Since PGP is a powerful retail tool, and we here at Tech–for Everyone (me, myself, and I) are great believers in Open Source and other free tools, I will demonstrate encrypting your e-mail using the Open Source version of PGP, named “GPG” (GNU Privacy Guard). Specifically, I’ll be demonstrating how the use the Window’s graphical interface “frontend” found in WinPT. The link will take you to Wikipedia’s description.. and you can follow the links provided there to the WinPT website. Maybe take a look at the documentation and instructions found there.
This is the tool we will be downloading, installing and configuring, and using in this series. [note: GPG does work on Macs, but uses a different interface. Those of you with Macs will have slightly different install steps and your screens will “look different” but your operation will be the same. You will be able to securely e-mail your friends with either Windows or Macs.. and visa versa]
So.. do your homework, and tune in again tomorrow. And have a great day in the meantime.
Copyright © 2007-8 Tech Paul. All rights reserved.
Who’s reading your (e-)mail? Part 1
A little while ago I wrote an article cautioning folks that at your place of employment there are (most likely) people whose job it is to watch everything you do on your computer [read: They ARE reading your mail], and that this ‘safeguarding’ includes reading your e-mail and monitoring your IM’s (if Instant Messaging is allowed, that is). This should not be news to folks, and everyone –except perhaps the company’s owner — is aware that they have at least one Supervisor looking over their shoulder; and most of us behave accordingly.
But what about when we’re not at work– is someone reading the e-mail you send from home? Are they reading your @comcast.com, @earthlink.net, or your Gmail/Hotmail/AOL Mail? Have you ever wondered about your private correspondence? Maybe you should.
Some writer more creative than me struck a very good analogy (and my hat’s off to you, whomever you were) in that e-mail (electronic mail) is like a postcard… anyone along the way (delivery route) can read it. If you don’t want anyone but the actual, intended recipient to read your letter, you have to put it in a sealed envelope. (And to be especially sure, send it by Registered Mail.)
1) As you may know (from previous postings here.. maybe) e-mail is composed and sent in either plain text or HTML. HTML and plain text can be ‘read’ by the most basic text editor (aka “word processor”) and every machine has one. That means that if an e-mail comes to you, you can read it… and any e-mail that I can get, I can read.
2) Just like the regular mail, an e-mail does not appear in your mailbox by magic — it gets “handled” many times as it travels from Point A to Point B.
To demonstrate, let’s say I am sending a “thank you” e-mail to my friend Marge whose email address is marge.public@bigisp.net. I compose my e-mail using my Hotmail account and hit Send.
My message is uploaded to a Hotmail server for delivery: to continue the analogy, this is like my local Post Office. The Hotmail server examines the “To:” part of the header looking for the recipient’s domain — namely, “bigisp.net” — and forwards the email to Marge’s ISP: this is like the Mail clerk putting it in the “Chicago” bag. The e-mail bounces from router to router as it travels across the land: this is like the “Chicago” bag’s truck ride to the airport, plane ride to Chicago, truck ride to the Chicago Main Post Office, where it is sorted (again) and driven to the Deerfield (sub-)Post Office.
The e-mail reaches the e-mail servers at Big ISP, (Deerfield P.O.) where the address before the “@” symbol is examined — marge.public — and a copy is stored in the address space reserved for Marge.. trucked to her mailbox. When Marge goes to her Inbox, her e-mail client will download the file.. or her browser will Open and view the file. A copy sits on a server until it’s deleted and the Trash emptied.
Also like the “real” mail, the TCP/IP email protocols are very good at getting the e-mail/file from my machine to Marge’s e-mail server, but from time-to-time a slight mishap happens and my letter lands in Marge’s neighbor’smailbox… or in the mailbox of a “Margy Public”, in Tampa, FL., or in some mysterious mail never-neverland black hole vortex, and never gets delivered to anyone. You could get (and read) Marge’s ‘Thank you’, and I would never know. It doesn’t happen often…but it happens.
(Yes, there are similar laws regarding e-mail as there are the US Mail, but.)
And just like the real mail, criminals steal it. Criminals (and soon-to-be-Ex-spouses?) can “intercept” your mail with “sniffer” tools. Or they can log into your Inbox if they’ve learned your password… maybe while watching you enter it [“shoulder surfing”] at a public place, like your library, or by keylogging. Or maybe Big ISP’s servers have been compromised. (If you use weak, or obvious passwords, they may simply guess it.. or run a dictionary crack on it.)
Someone very wise once said, (and I paraphrase here, I’m sure) “Never put into writing what you wouldn’t be proud for the whole world to read.” I believe this is good advice. E-mail is not terribly secure nor is it truly private. It is transmitted “in the clear”, over wires (or by radio, if you {or Marge} use wireless). A person should keep this in mind when using e-mail to communicate.
Should you need (or have a strong desire) to keep your e-mails private between the two parties (You might be thinking to yourself, “if anybody read my e-mails, they’d be bored to tears!”), you need to put the letter in an “envelope”, and the way to do that is to encrypt them. Not only does encryption ensure privacy, by obfuscating the message as it travels, it gives security because only the person with the key can decipher the secret code and read the message. (A mail-thief will not have the key.)
As you will note from the “Part 1” in the title of today’s, I intend to explain encryption in more detail, and show you the steps for installing and using a free e-mail encryption program in a series of articles. So be sure to tune in tomorrow (which you would have done anyway.. right?) for the next instalment.
Copyright © 2007-8 Tech Paul. All rights reserved.
| Share this post : | |
|
|
|
|
|
|
|
|
|
|
HTML e-mail and image spam (repost)
Sorry folks, I have been performing tech support non-stop since 8am this morning. Took a break to eat lunch and quickly repost this prior article, which appear 1/3/08–
There has been a shift in e-mail away from simple “plain text” format to the more dynamic HTML ‘language’. This is due, in large extent, to the popularity of the Web-based e-mail accounts (GMail, Hotmail, Yahoo Mail) which has led most of us use our Web browser to access our Inboxes. HTML is (one of) the language(s) used to build websites.
There are many advantages — particularly to businesses — to using HTML to create an e-mail: HTML allows special fonts, colors, and characters, advanced formatting, and the embedding of images — such as the corporate logo. However, the very same characteristics of HTML which allows hackers to created poisoned websites allows them to create poisoned e-mails (which can infect your computer with malware, and allow a hacker to gain a “backdoor” to your system).
Tip of the day: Thwart the bad guys, set your e-mail client to “view as plain text”. (If you use Web-based mail, these changes can be made to your Settings as well; usual found in the E-mail Options menu.)
When HTML is viewed as plain text, the dynamic aspects (the dangerous ones) no longer issue commands but appear as ‘gibberish’, and the images are not downloaded to your browser (the very act of which tells a spammer that your e-mail address is valid).
When viewed as plain text, an HTML e-mail will look something like this...
> Content-Type: text/html; charset=ISO-8859-1 MIME-Version: 1.0
> Message-Id: 200801027772801.B6301EA@www.acme.com
> Date: Wed, 2 Jan 2008 12:28:01 -0500 (EST)
> X-NAS-Language: Unknown
> X-NAS-Bayes: #0: 1.83836E-098; #1: 1
> X-NAS-Classification: 0
> X-NAS-MessageID: 12651
> X-NAS-Validation: {5D10C463-FDBA-462F-8117-435D5F76DB08}
>
> <!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN”
…which is quite different than, “Hi Joe! What do you know?” But if you scroll down through all that ‘gibberish’ (HTML code), you will come to the > <body> entry, which is the “meat” of the e-mail, and you’ll see..
> <body>Hi Joe! What do you know?</br>
…ignore the funny code and you’ll be able to read your e-mail without fear of “drive-by” worms and trojan horses, exploit code, giving away your address; and, you’ll — over time — reduce the amount of spam you receive.
I’m going to demonstrate changing your Settings in Outlook Express, but the method applies to other clients as well…though the menu names/locations may be slightly different.
Click on the Tools menu and select “Options”. You are going to change the way you read your e-mail, so click on the Read tab.
Find the setting for “Read as plain text” and select it– In OE, that means placing a check in the checkbox “Read all messages in plain text”. The “Apply” button will become active: click on it to effect the change.
Now click on the Security tab. Because spammers and hacker use images as their attack vector, and to bypass your spam filter, (images are downloaded from a server: the e-mail itself only contains a link), we’re going to block embedded images.
Place a check in the “Block images and other external content in HTML e-mail” and click the Apply button. That’s it, you’re done.
*When an occasion occurs that someone sends you an e-mail that has a graphic embedded that you do wish to see — a map, say — open this tab and uncheck the checkbox and view the email. When you’re done, set it back to the protected mode.
Today’s free link: Glary Utilities. From website: “Glary Utilities is the #1 free, powerful and all-in-one utility in the world market! It offers numerous powerful and easy-to-use system tools and utilities to fix, speed up, maintain and protect your PC.
Copyright 2007-8 © Tech Paul. All rights reserved.
| Share this post : | |
|
|
|
|
|
|
|
|
|
|
A new category
A reader wrote and asked me why I never write about Apple computers, and while he was very polite about it, sort of accused me of being ignorant of one whole aspect of personal computing… at the very least, favoring Microsoft products, and he wanted to know why. And he was– partly– right: I do favor Windows over Macs.
I learned how to use computers on a Mac. The first software I ever 
purchased was Macintosh software (a u-boat commander game..) and I learned MS Office and Photoshop on a Mac (PageMaker, too). I had access to machines with Windows on them (Windows 3.1), but way back then, Macs were where it was at. I was a Mac enthusiast until the release of Windows 95 and the advent of “3D” graphics cards (remember Hercules?) and 32-bit sound cards… and Duke Nukem 3D: the Halo 3 of its day. What I’m saying here is quite simple — I was a Mac-guy, right up until games went “3D” and the first-person shooter genre was born.
Sure, Windows 95 and those early cards were “buggy”, but it simply wasn’t possible to open up a Mac and add the expansion cards one needed. (And in fact, Apple maintained a hardware “ownership” [proprietary] until quite recently.) I left Apple for Windows and I’ve never looked back. I really do prefer, and have enthusiasm for, Windows PC’s.
Why?
1) Because early versions of Windows, and early PnP, and early expansion cards were so buggy, crash-prone, and incompatible, I had to learn how to fix and tweak things in Windows and get thing working right. This led to the discovery that I enjoyed building and repairing and tweaking computers; and eventually I became a certified computer technician. I enjoy helping people and my Tech Support business (and this blog) allows me to help people every day.
2) There’s so much MORE in Windows. There’s tons more software. Hundreds of more game titles (the “biggie” for me). More devices (this is not as true as it was a couple of years ago). More everything than there is in Apple. This is especially true in freeware (free programs), which Loyal Friends and True know is another particular passion of mine.
3) Apple doesn’t let you tweak like Windows does. I simply need — being a bit of a control freak — to be able to go deep into my Registry, blindly delete some vital entry, and destroy my Windows functionality (so I can re-Install, and start from scratch). If I cannot do this, I am not in control– the OS is. Apple prefers that you not have easy access to key Settings so that you cause fewer fatal errors.
4) Apple (hardware) is ridiculously over-priced; and Help Desk types ain’t millionaires. Apple has a certain “cachet”, and I am not the slightest bit image-conscious.
But where the letter writer was wrong is that I am not ignorant of Apple at all. I run an OSX 10.4 “Tiger” machine on my personal network. I watched them erect the first Apple building, and I live near where the yearly MacWorld Expo is held. I grew up in “Silicon Valley”… which there wouldn’t have been without Apple (IMHO). And, I was the only “Windows guy” in an Apple family.
So, thanks to this letter writer, I am adding a category to Tech–for Everyone (labeled, simply, “Apple”) and I will endeavour to write more articles about working with Apple products. Such as…
The new Apple “Air” — the “world’s thinnest notebook” — is not for you (how’s that for an opening statement?!). It’s (true) target demographic is corporate jet-setters and other mover-and-shaker types for whom cachet and image is everything.. people who spend $800 on a haircut and $20K on a briefcase.. who simply must make a splash when they walk into the boardroom.. (I think I’ve made my point). How can I say that?
The Air has one USB port, and doesn’t allow you to “upgrade” your RAM or your hard drive — the two most common laptop upgrades — and doesn’t have an optical drive. If you want more RAM, no. If you want more than 80 GB’s of (parallel, not SATA) storage, you can attach an external drive. If you want to play a DVD or CD, you can attach an external drive… if you want to do both, you can attach a USB hub, and then attach the external drives. There is simply no Firewire ability. There’s no Ethernet or modem port…and the headphone jack is mono.
Ridiculous.
Today’s free link: It is time to start thinking about taxes (Yippee!) and I, like so many others, use a program to help me figure out, and prepare my statements. The tax-prep software I use is the free TaxCut Basic from H&R Block. E-filing is optional. There are a wide array of services available through this link, that are definitely worth taking a look at. And, there’s a Mac version.
Copyright © 2007-8 Tech Paul. All rights reserved.
| Share this post : | |
|
|
|
|
|
|
|
|
|
|
Spam+Paris Hilton+Google Groups
Sometimes, you just have to scratch your head and wonder. Today I am wondering at the human animal, as I am beginning to think (okay.. not really beginning) that there are some pretty strange specimens out there. Of course I am not referring to you, Dear Reader… but to other people.
Those of you who view this series via RSS feed are viewing a ‘stripped down’ version of the Tech–for Everyone website, and you do not see the Calendar and Top 10 Posts, and “Fave this” buttons, etc., that are in the side columns. 
And so you cannot see the button which shows how many spam comments have been blocked from this site: so here’s a screenshot of it.
I have been up and running since mid-June (200-odd days) and as you can see, over 5,000 people have tried to post advertising as a Comment under an article — roughly 25 a day. I have yet to see a duplicate, and most appear to be hand-written and manually entered.
I scan these filtered Comments before deleting them (to make sure there’s not a genuine, that’s been “false-positive’d”) and so I can tell you that some of these people are simply trying a cheap and easy way to get a link back to their website.. which is one method search engines use to “rank” websites. These look pretty much all the same; “Hi! You have done a great job with your website. Could you take a look at mine? http://www.goofyurl.com”.
By far-and-away the largest “type” of spam comment is a list of 20-30 website addresses,
“Hi. I find some sites.
http://www.fake-viagra.com
http://www.buycheapfakeviagra.com
http://www.viagra-cheap-buy.com
http://www.u-fakedrugs.com/viagra”
and so on, and etc. for several lines. Sometimes it’s porn, but usually it’s “erectile dysfunction” meds. Often, there’s a “.cn” in the URL– http://goodcheapviagra4you.cn.com — which means the site is based in China.
Right. I’m going to click on a URL (one of a list of 40 similar URL’s) some clown named “rl2345urg@mail.ru” (dot ru=Russia) sends me, so I can ‘score’ some counterfeit sex drug off of a ChiComm.
As I said, my website gets a dozen, or more, of these a day. Think about that— there’s a group of people making counterfeit Viagra and packaging it and are ready to mail it; there are people building all these websites; and there are people creating these lists of these websites, and cruising blog sites and pasting these lists into Comment boxes. That’s a lot of people. That’s a lot of people all working hard at nothing but trying to pull a scam.
Q: What do you do for a living?
A: I post spam comments on blogs.
These list have changed recently, as these scammers have taken advantage of the free pages offered by Google (and Yahoo,etc.) for members of what Google calls “Groups”… which is supposed to be a “community”-type arena where people with similar interests and tastes can get together and discuss their.. well, their interests and tastes. These spam lists look like,
“Hi. I find some sites.
http://groups.google.com/group/adult/adult3/nastypictures
http://groups.google.com/group/adult/adult-3/nastypictures/bigones.jpg
http://groups.google.com/group/adult/adult3/sicknastypictures
http://groups.google.com/group/adult/adultsonly/nastypictures/picture.jpg” and so on.
Clicking on these URL’s will infect your computer with malware.
And just when I thought my prayers had been answered, and Paris Hilton had finally vanished from the limelight of world media and public consciousness, I get three Comment spam lists of Google Groups pages promising JPEGs of her nude. Yippee.
Again, I ask you to consider the number of people devoted to this.. enterprise, and, I remind you, these comments are (almost) always automatically filtered and blocked… they never see the light of day.
Tip of the day: Do not — ever — click on anything that you see that looks like this. The only reason anyone could have for going through this much time and effort (spoiling the Internet in the process) is because it works. Occasionally. (I refer you to this prior article.) 
If everyone would stop clicking links, spam would go away… and these clowns might have to get real jobs.
Look at the number change in the time it took to write this article. Makes you wonder…
Today’s free link: looking for an all-in-one digital media tool? Try JetAudio 7. From site: “Not only does it play various music and video files, it also has features such as CD burning, recording, and conversion to other file formats. You can create your own Internet broadcasts, and you can play all major file formats, including WAV, MP3, MP3Pro, OGG, WMA, MPEG, AVI, WMV, MIDI, RM, and video and audio CD tracks.”
Copyright © 2007-8 Tech Paul. All rights reserved.
| Share this post : | |
|
|
|
|
|
|
|
|
|
|
• About Tech Paul
I am a Retired computer & network technician. I used to think the machines were pretty cool. Now I don’t.
They’re anything but.
I regularly posted how-to’s and tricks & tips and general computing advice here starting in 2007. (Use the Search tool to find answers. But be aware, many are rather dated.) Sometimes I answered (your) specific questions in an article if I believed the answer was generally helpful to “everyone”. All the writing you see was my own, typos and all. There always is/was an implied “IMHO” in what you see here.
Note: You are responsible for using this blog and its content. I am in no way liable for any losses caused by user error, viruses and/or other malware, hardware or software failure, or any other conceivable reason.
-
Say "thank you!" Buy Tech Paul a cup of coffee (and keep T4E ad free).
-
-
McAfee® Cybersafety Resource Portal, an online help center designed to assist victims of computer crime and provide information on how to avoid becoming a victim.
-
Subscribe to Tech--for Everyone by EmailRecent Comments
-
-
-
-
Also:
-
-
Tech - for Everyone 
