- How-To Booklet
- 1. How to protect your computer from malware and hackers
- 2. How to protect your information from physical threats
- 3. How to create and maintain secure passwords
- 4. How to protect the sensitive files on your computer
- 5. How to recover from information loss
- 6. How to destroy sensitive information
- 7. How to keep your Internet communication private
- 8. How to remain anonymous and bypass censorship on the Internet
- Glossary
- Hands-On Guides
- Avast - anti-virus
- Spybot - anti-spyware
- Comodo - firewall
- KeePass - secure password storage
- TrueCrypt - secure file storage
- Cobian - backup
- Undelete Plus - file recovery
- Eraser - secure file removal
- CCleaner - temporary file removal
- Riseup - secure email service
- Pidgin + OTR - secure instant messaging
- VaultletSuite - secure mail client
- Thunderbird + Enigmail - secure mail client
- Firefox - Web browser
- Tor - anonymity and circumvention
- portable security
FAQ and Review
Submitted by genner on Fri, 11/21/2008 - 00:38.
Claudia and Pablo have configured Thunderbird to send and receive email through their RiseUp accounts. After checking their email, they are pleased that they can continue reading messages even if they disconnect from the Internet. Shortly thereafter, Claudia and Pablo each installed GnuPG and Enigmail, created their respective key pairs, exchanged public keys and validated one another's keys by comparing fingerprints.
Although it has taken them some time to understand the complexities of public key encryption, they can already see the benefits of having an encrypted and secure communication channel. As with all new software, however, they do have some questions.
Q: What happens if I just install Enigmail and not GnuPG?
A: That's simple, really. Enigmail just won't work. After all, it's the GnuPG software that provides the encryption engine that Enigmail uses.
Q: How many email accounts can I set up in Thunderbird?
A: As many as you like! Thunderbird is an email manager and can easily handle 20 or more email accounts!
Q: My friend has a Gmail account. Should I convince him to install Thunderbird and Enigmail?
A: That would be ideal. Just make sure he configures all of his security settings in exactly the same way as you did. Then the two of you will have an extremely effective way of communicating in privacy and safety!
Q: Remind me one more time, which parts of an email message does Enigmail encrypt?
A: Enigmail encrypts the message's content. It doesn't encrypt the subject line of the message, your email address or the name you chose to associate with that email account. So, if you're trying to send a confidential message, make sure the subject line doesn't give you away! And, if you want to stay anonymous, avoid using your real name when you create your email account.
Q: I still don't understand the purpose of digitally signing my messages.
A: A digital signature proves that you're the real sender of a particular message and that the message hasn't been tampered with on its way to your intended recipient. It's a bit like the wax seal on an envelope which contains a very important letter.
5.1 Review questions
- What are the differences between accessing your email through an Internet browser and a program like Thunderbird?
- How can you access your email securely using Thunderbird?
- How can you securely store your email account passwords in Thunderbird?
- Before you can send an encrypted message to a colleague of yours, what software do you need to install and configure?
- How can you protect yourself from email containing malicious content?