Since we now know that we can’t reasonably expect the emails we exchange with friends and colleagues to not be warehoused and read without our knowledge (and without a subpoena, warrant, or similar from the reading party), I want to shine a spotlight on one of the still-effective techniques available for restoring some privacy (with caveats) to personal email. This strategy is not new. In fact, it’s quite old. I’m talking about GNU Privacy Guard (GPG), a FOSS implementation of the OpenPGP encryption standard, and GPGMail, an awesome plugin for the native Mac Mail client.

Nowhere else to go

Like most people in the developer and tech communities, I was pissed to learn that two successful providers of encrypted email service (Lavabit and Silent Circle) had been pressured out of existence by the government (update: now Groklaw as well).

You’ve still got recourse

I wanted to find a workable email privacy guard that put the keys in my hands. As a developer, I work with asymmetric crypto day-to-day (i.e. SSH and SSL/TLS).

I experimented with encrypting, signing and sending some messages with GPG from the command line. Then I discovered that there’s an awesome drop-in plugin for doing the same with a click or two in Mac Mail. Under the hood it’s all the same, and I didn’t have any issues getting the behavior I expected out of the app. Currently I’m using a 4096-bit key, which even the experts are certain is a long way from being crackable (even big, powerful government compute clusters would fall short by orders of magnitude). If you want to get started with GPGMail yourself there’s a really nice guide here.

Big caveats

There are three really big caveats with this strategy. One is that your messages are only as secure as your private key and passphrase. If someone gets those through a backdoor on your machine, a keylogger or through legal action/coercion, messages sent to you will be immediately decryptable (as will any messages you’ve sent to other parties if their keys and passphrases are compromised). The second is that, apparently, encrypted emails get purged with a lot less expediency by government agencies than unencrypted ones. The third is that only the message is rendered secret by the PGP encryption. All other metadata, like your recipient and the email’s path, are not protected. So use with care.
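The third caveat above as an added example, not code from the original post: it parses a stored message whose body is PGP-armored and returns what anyone holding that message can read without a key. The sample message, its addresses and host names, and the `observer_view` function are constructed for illustration.

```python
"""Added example: what stays readable when only the body is PGP-encrypted."""
from email import message_from_string

# Constructed sample: addresses, hosts and the armored block are placeholders.
SAMPLE = """\
Received: from mail.sender.example by mx.recipient.example; Mon, 01 Jan 2024 10:00:05 +0000
Received: from laptop.sender.example by mail.sender.example; Mon, 01 Jan 2024 10:00:01 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: Q3 numbers
Date: Mon, 01 Jan 2024 10:00:00 +0000
Content-Type: text/plain

-----BEGIN PGP MESSAGE-----

(constructed placeholder, not real ciphertext)
-----END PGP MESSAGE-----
"""

# Headers travel outside the encrypted body, so they are stored in cleartext.
EXPOSED_HEADERS = ("From", "To", "Cc", "Subject", "Date", "Message-ID")


def observer_view(raw: str) -> dict:
    """Return what a party holding the stored message can read without any key."""
    msg = message_from_string(raw)
    headers = {h: msg[h] for h in EXPOSED_HEADERS if msg[h] is not None}
    # Each relay prepends a Received header; reversing gives the path in delivery order.
    hops = []
    for rec in reversed(msg.get_all("Received", [])):
        words = rec.split()
        if "from" in words and "by" in words:
            sender = words[words.index("from") + 1]
            receiver = words[words.index("by") + 1].rstrip(";")
            hops.append((sender, receiver))
    body = msg.get_payload()
    encrypted = "-----BEGIN PGP MESSAGE-----" in body
    return {
        "headers": headers,
        "path": hops,
        "body_encrypted": encrypted,
        "readable_body": None if encrypted else body,
    }


if __name__ == "__main__":
    for key, value in observer_view(SAMPLE).items():
        print(f"{key}: {value}")
```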