Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

Wow! + Securing your e-mail, Part 5

Folks, I am just not sure that I have it in me to write today — I’m still staggered by yesterday’s Super Bowl. I’m reeling. Stunned. And.. chagrined.
At the very start of the season I predicted (to anyone who would listen) that the New England Patriots would win the Super Bowl. I repeated this prediction — with growing assurance — each week.
(“But what about the Colts?” was the main objection/reaction I received.)

The omniscience of my prediction was bolstered by an undefeated season, and the Pats went into yesterday’s game something like 12-point favorites. They were playing (against) a wildcard team (only once before has a wildcard team made it all the way to Super Bowl victory) led by a young and untested QB.
I think you can figure where I placed my bet. Who could not say that the Patriots were the best team this year?
Wow. The reality was like a Disney movie. I expect the scientists to announce that the Earth’s magnetic poles have flipped positions any day now.

Now, back to work:
Now that we have WinPT installed and configured, it is time to start using GPG to encrypt our e-mails. Our public and private keys have been generated, and our public key is has been made into a transferable file (“Export”).

But first, lets review:
a: You will have downloaded and Installed WinPT, as I described in Part 3 of this series. (Those of you using a e-mail client other than Outlook Express will also need to download+Install the appropriate “plug-in”.)
b: And you will have configured the encryption program (GPG) and generated your keypair, as described in Part 4.
c: Those of you using Outlook Express (as I am for this demonstration) also need to launch the OE plug in (GPGOEInit). Simply click on it in the WinPT folder of your Programs list. Start >All Programs >Windows Privacy Tools >GPGOEInit. (also, please note the “Documentation” option.)
gpgoe.jpg

If you have played along, you should see two icons in your System Tray (by the clock), the WinPT “key”, and the OE plug-in’s “padlock”.
icons.jpg
d: You will also have “Exported” your private key, and sent your key to the person(s) you want to exchange encrypted e-mail with. (The documentation, and my previous articles, discuss key exchange methods.) They will use your key to encrypt the e-mails they send to you.

Congratulations! You have come far. But, it should be fairly clear that for encryption to work, both ends of the transaction need to have the encoding/decoding tools– in short, the person you are exchanging encrypted messages with also needs to have GPG installed, and they will have needed to send you their public key (which you will have “Import”-ed onto your keyring).
If they have not (yet) installed WinPT/GPG, you can point them to this series by copy>pasting this URL https://techpaul.wordpress.com/2008/01/28/whos-reading-your-e-mail-part-1/ and sending it to them.

If these thing are in place, open OE and create a new message.

send.jpg

When using GPG, the appropriate method to encrypt the message is to issue a hotkey command: when your e-mail is typed and ready to go out, hit Ctrl+Alt+E. You will see a WinPT window tell you that the encryption was successful. Now click Send.
When you receive an encrypted message, open it and hit the Ctrl+Alt+D key.

The screenshot below shows the sample e-mail (encrypted) as viewed by a machine which does not have GPG capability. This is how it looks to anyone who might intercept it.
scrambled.jpg

Clearly, this “after” picture is quite a bit different than the “before” picture, and my e-mail is unreadable by unwanted eyes.
Now you can safely and securely exchange sensitive, private, e-mail with only the intended recipient.

I will continue this series with more ways to use WinPT/GPG, and describe other tools/methods for encrypting e-mail, but will take a bit of a break before doing so — there is much in news I want to discuss first.

[Please note: the e-mail accounts and keys shown were temporary and have already been deleted.]

Today’s free link: For many people, the best part of any Super Bowl is the commercials. If you would like to view this year’s ads again, click here. You can even vote for your favorite.

Copyright 2007-8 © Tech Paul. All rights reserved.

Share this post :

February 4, 2008 Posted by | advice, computers, encrypting files, IE 7, PC, privacy, security, tech, Windows | , , , , , , | Leave a comment

E-mail security, Part 4

Okay, so you have downloaded WinPT and read yesterday’s How To, and are ready to launch Setup and complete the Install.
Where we left off was we had hit the “Finish” button. You will now see this “error message”, which is scary, but not really a big deal… WinPT is installed, but not yet configured: click “Yes” to continue the setup.
genkyring.jpg

Here is the next message… which explains the “error”.
genkyring2.jpg
Select the top radio button, “Have WinPT generate a key pair”. This will create your your “key ring” and your “master” keys– a private (secret) key, and the Public key you will send to people.
gen1.jpg
This is the key pair generation window (you accept the defaults). Here is where you enter your primary e-mail address (the mail you want to encrypt) and the key’s passphrase. The passphrase serves two purposes, it is used by the encryption algorithm to generate your unique key code, and it is what you will type in to tell WinPT you’re really you (such as when you decrypt an incoming message)…so you’ll want to select (and write down) a passphrase that’s easy to remember and quickly type-able, yet rather long.. 14 characters is a good target length.
Click “Start” to generate your keys.
gen_prog.jpg
Depending on the speed of your CPU, it may take a couple of minutes before you see…
genkyring5.jpg

Click “OK”. When WinPT asks you if you want to “back up” your keys, answer “Yes” (or, you can do it later..but I do recommend doing it!). Your Setup has now completed and you have created your encryption keypair. Right-click on the WinPT “key” icon in your System Tray (by the clock), and select “Key Manager”. This will show all the keys you have on your “key ring”.
As you can see, there is your key pair. The next step is to make your Public key “exportable” so that you can send a copy to your recipient(s).

Select “Export” from the Key menu, as shown.
exprtkey.jpg
You will be asked for a location to save the file, and you can rename it during this step. I suggest you do, as the default name will look like “0x12AGTYX”. I named my Public key “AplusPaul key”. Here’s what my Public key looks like when Open-ed in Notepad.
copy-key.jpg
One way to send this key is to Ctrl+A (Select All), as I have done in the screenshot, then Ctrl+C (Copy) and then Ctrl+V (Paste) it into an e-mail. WinPT can use that to import the key to its key ring. Another way is to simply attach the file, AplusPaul key, to an e-mail. When someone sends you their Public key, you repeat the process, only using the Import option.
Contrary to intuition, you should also now use Key Manager to issue a revocation file for your keypair, using the Key >Revoke option. More details on Importing/Exporting keys can be found in the Documents folder of the WinPT install folder (C:\Program Files\Windows Privacy Tools\Docs.)
import.jpg

This screenshot shows an e-mail encrypted using my new keypair, as someone without the proper un-encrypting key would see it.
scrambled.jpg

There’s one last configuration step before you can start using WinPT to encrypt your e-mails (unless you’re using a client other than Outlook Express) and that is to set a path in the GPG control panel. Right-click the WinPT System Tray icon and select “Preferences”, and then “GPG”.
finishgpg.jpg
You need to Copy the path found in the upper dialogue windows and paste it into the “Locale Directory” window. (Why this is not done automatically, I’m not real clear on.)

I realize that this is a rather lengthy process, and may seem too complicated for some of you. I hope that it is not too daunting, and that you at least give it a try. There are helpful instructions provided both in the download, and on the Web, if you have more questions about the installation and configuring of WinPT and GPG. (Though I should mention: the winpt.org pages are “dead”, and redirect to a weird search portal that’s totally useless.)
Tomorrow I will show you how to actually put your encryption tool to use.

*Please note: the keys and e-mail accounts shown here were temporary creations or fabrications and are already deleted.

Today’s free link: Today’s reco is one that I have not personally used (but it was ‘referred’), and so I cannot vouch for it in any way. Tovo. From site: “Start up Tovo and watch TV while you chat to your MSN, AIM or Yahoo friends. Listen to Radio whilst searching the Web, finding maps or looking up phone numbers. Get the latest news feeds while chatting on the phone. It’s not just media. It’s not just communications. Its everything in one place.

Copyright 2007-8 © Tech Paul. All rights reserved.

Share this post :

February 1, 2008 Posted by | advice, computers, encrypting files, how to, PC, privacy, security, tech, Windows | , , | Leave a comment

Securing e-mail, Part 3

The first step to encrypting your e-mails is to download and install the free Windows Privacy Tools– WinPT (Mac users will go directly to GPG and download the Mac version). The WinPT download can be found here.

Click the download link, and when the Download window opens select the option to Save (save to disk), and choose a location, such as your Desktop. When the downloadinst_icon.jpg is completed, find the (new) winpt-install icon, and double-click on it, and choose “Run. This will start the Install wizard.
**Please don’t do this until you have read Part 4.

Make sure the Install language is English, and click “OK”. A “welcome” screen will show that the installer package is ready: click the “Next” button… and “Agree” to the EULA.
Accepting the defaults (by clicking “Next”) as you go through the wizard is recommended. Make sure the Options screen looks like this..
inst_opts.jpg
which it should, by default. Do the same with the Additional Tasks, and click “Install”.
inst_optsadv.jpg
When it has finished the Install process..
finish.jpg
Click the “Finish” button.
WinPT is now installed, as well as the Outlook Express plug-in, and you now have a graphical interface with GPG.

Okay, we’re done for today. Tomorrow, I will demonstrate how to generate your key pair, and “export” your public key so that you can send it to folks.
In the meantime, I highly recommend navigating to the WinPT folder and looking at the WinPT “owner’s manual” PDF file. (By accepting the defaults during the Install, you will find this folder in C:\Program Files\Windows Privacy Tools\Docs.)

Click here to read Part 4.

Copyright 2007-8 © Tech Paul. All rights reserved.

Share this post :

January 31, 2008 Posted by | advice, computers, encrypting files, how to, PC, privacy, security, tech, Windows | , , | 2 Comments

Encrypt your e-mail for privacy+security, Part 2

While e-mail is wonderfully efficient and fast (not to mention, free), it is not a terribly private nor secure communications medium. As I mentioned in the introduction to this series, Who’s reading your e-mail?, e-mail is transmitted in very-easy-to-open plain text (or HTML), travels through many different devices, and sometimes gets mis-delivered, or lost.. or ‘stolen’.

There are times when the material we need to communicate to someone else could really hurt us if the wrong eyes saw it. Some things should remain “confidential” (For Your Eyes Only) or/and private (Top Secret). These subjects may be your account numbers, business plans, bids or cost-estimates, love letters, travel plans, and whatnot. Unencrypted e-mail is really not the way to transmit these things.

Tip of the day: Encrypt your private communications. This series of articles will tell you how to implement a free method of encrypting your e-mail messages using GPG.
(For those readers who took my advice in yesterday’s article and looked at the description of Public-key cryptography on Wikipedia, this next will be review…) GPG uses “keys” to encrypt and decrypt files, as do most such tools. The problem with encrypting communications is — how do you give a copy of the key (so they can ‘unlock’ the file you have ‘locked’) to the person you’re sending to?
This dilemma is solved with the concept of key pairs– we are going to use GPG to generate a key pair: a “public” key, which we can send to anyone we like (or publish, for all to see), and one “private” (aka “secret”) key. It will take both keys for the system to work. (As the name implies, it is rather important to keep your private key to yourself… and to store a copy in a safe location.)

The way it works is:
1) you will encrypt your file/letter using your private key. Which you then Send to your intended recipient.
2) Your recipient uses you public key to decrypt and read your letter/file.

When your correspondent wants to send you a reply:
1) they encrypt it using your public key, and..
2) you decrypt the reply with your private key.
It takes both keys to work, and only you will have the private key.

The tool we are going to use, GPG (as part of WinPT [Windows Privacy Tools]), is quite flexible and adept, but works best (at encrypting e-mail) as a “plug-in” for your e-mail client (Outlook, Thunderbird, Outlook Express, ie.)
and your ‘private’ e-mail accounts.. such as the account your are provided with by your ISP.
(I will, also, demonstrate how it can used with browser accessed “web mail” accounts, such as the free services like Hotmail, Gmail, and Yahoo Mail.)

Those of you already using a client to access and mange your e-mail accounts will simply have to download GPG (Apple) or WinPT (and the appropriate plug-in) and install it, generate a key pair, and send your public key to those folks you want private correspondence with. Once that’s done you will be able to either automatically encrypt your e-mails (and their attachments), or right-click >encrypt.
WinPT comes with a built-in Outlook Express plug-in; and GPG offers plug-ins for the popular e-mail clients, and some of the less-popular clients too, such as Apple Mail and Eudora. For a complete list of compatible e-mail clients, click here.

For those of you who typically log into your e-mail via a web browser (IE, Firefox, etc.), I believe that in the long run — if you want to encrypt your mail — you will find it easier to get into the habit of using a client instead. I will be using Outlook Express for my demonstration (since all Windows machines come with it), but for everyday use I recommend using today’s free link.

To skip to Part 3, click here.

Today’s free link: I have posted this free tool before, but since it is so in-step with our topic (and it’s a darned-good program to boot) I will repost it. Thunderbird 2, from Mozilla. Access and manage various accounts from one place, and get great spam filtering.

Copyright © 2007-8 Tech Paul. All rights reserved.

Share this post :

January 30, 2008 Posted by | advice, Apple, computers, encrypting files, how to, PC, security, tech, Windows | , , , , , , | 3 Comments