Internet privacy

From Appropedia

The Internet has given the world a form of pseudo-telepathy, permitting people in distant continents to connect by mutual interest, need or affiliation. Near-free sharing of information, whether as a personal note or a music file, is now trivial in many parts of the world and possible with some effort in almost the entire world. The impact of this technology is unparalleled; in only 20 years, the Internet has shaken the foundation of globalism, culture, and government. It changes everything it touches, bringing a culture of openness, value for achievement rather than money, and shared intellectualism.

However, the internet has also enabled a new level of personal intrusion, whether it be the ease of reading email as it flies through the aether, or Facebook and Google's ability to perform face-detection searches on unimaginably vast and growing collections of photographs. Your whereabouts and behaviour on any given day could be inferred by your presence in the background of Facebook users' photographs, correlated with the social network's granular information about your friends, family and workplace.

Some of this is inevitable and unavoidable, unless you plan to take direct action to obscure yourself in daily life. However, some practical measures will allow you to enjoy the full richness of the Internet while protecting a modicum of personal privacy.

Some Privacy Issues to Consider Today

  • When you search for something on Google, both Google (through use of cookies) and any servers in between you and Google (such as your local ISP) can see everything you are searching for, and link it easily to your person. This may be a problem if you are searching for information related to topics such as health, sexuality, political affiliation, media consumption or uncensored news.
  • When you allow companies to store your data, your data is subject to the law of the country where their servers reside. So, your emails as stored by Gmail are kept in America, and are subject to rudimentary protections from Police seizure without "probable cause", and have absolutely no protections against PATRIOT Act requests. If you belong to a culture or organisation that the US Government takes an interest in, such as Islam, Wikileaks, any NGO or the Government of any other country, you should assume your email is being actively observed.
  • Due to the architecture of the Email system, when you send email from one address to another, it is generally sent through servers as plain-text; any of the intervening servers may read your email without obstruction. Between large servers such as Gmail, Hotmail, Yahoo and such, there *possibly* exist dedicated channels to protect your email from casual observation (except by employees of those companies and NSA/CIA/FBI operatives who care to read them), but you should not assume that your email is protected. This is especially relevant if you are emailing a password, credit card details, address or phone number, etc.
  • Your choice of Browser, and the configuration of your browser, makes a huge difference to your privacy online. Without installing special plugins, your behaviour on the Internet can be tracked no matter where you go through cookies from Doubleclick.net, Facebook, etc. There is speculation that some commercial browsers, such as Internet Explorer, use built-in tracking to assist the parent company in generating relevant search results (Bing, in this case).
  • Every plugin you install is another method by which you can be tracked, unless you take some suitable measures to prevent this behaviour. Flash is the most obvious and vulnerable example, but luckily there exist several useful plugins for Firefox that will protect you from tracking through Flash.

Methods of Securing Your Internet Browsing

Choice of Operating System

Without going into too much detail, let it be said that the first step to securing your privacy in every regard is to choose a secure and fully-featured Operating System. No measures you take to protect yourself will do any good if your system is infected with a virus, and only one operating system is known to routinely collect viruses: Windows. Before you think of switching to OSX, the only reason that OSX has fewer viruses is reduced demand, not that it is more secure.

If you want security, freedom to choose your software suite, and excellent performance, choose Linux. Ubuntu is an excellent form of Linux that is designed for maximum usability and user-friendliness, with near-unparalleled software support through its huge userbase and its connection to the popular Debian distribution of Linux.

Ubuntu (like almost all Linuxes) is completely free to download and use. In fact, you can try Ubuntu by booting your computer into a "live session", which will not change your computer at all but allows you to try the desktop. Just bear in mind that because Live Mode runs entirely outside the hard drive of your computer, it has less room to move: it will be much, much slower than a true install. When you want to install Ubuntu, you will have the option to install alongside Windows if you want to preserve the latter, but it is very prudent to back up your Windows documents first because irreparable errors can occur when the two OSes cross paths.

Choice of Browser

Immediately and permanently stop using Internet Explorer. Never go back. As the slowest, least secure and least featured browser in the market, Internet Explorer has almost nothing going for it. Compounding this, IE is a commercial product whose inner workings are entirely hidden from scrutiny; as mentioned above, there is speculation that tracking may be built-in to the IE browser.

While Opera and other alternative commercial browsers offer more features and better security against viruses and trojans, they remain closed-source software with fewer features and no accountability compared to the Open Source offerings.

There exist two excellent Open Source browsers in particular that will both deliver a superior and more secure browsing experience:

Firefox

Firefox is an entirely open source browser, created by users and employees of the Mozilla Foundation. Firefox is highly recommended provided you are willing to install the correct plugins, as it has superior support from the Open Source community and fewer ties to commercial entities. It supports all technologies you will ever need online, and more besides.

Firefox will work as-is, but it provides no specific privacy guards as given. Don't expect the "Private Browsing Mode" to do anything; this merely deletes local information on your computer after you finish browsing, without preventing people out in the world from seeing what you are doing at all.

To prevent tracking by cookies and flash-based "super-cookies", you will need to configure some settings and install several plugins. This is easier than it sounds. First, disable Third-Party (or all) cookies and change a few default settings to regularly clear cookies:

  1. Open the main Firefox Menu (or, if you have a full menu-bar at the top of the window, just open the "Edit" Menu)
  2. Open the "Preferences" dialog
  3. In "Privacy", select "Tell web sites I do not want to be tracked" (This probably achieves nothing, but it's worth trying)
  4. In "Privacy" Disable Third Party Cookies (note; this might interfere with Windows/Hotmail/MSN based services) by changing the setting for "History: Firefox Will:" to "Use Custom Settings for History" (taken from this Mozilla help page). This will enable lots of extra options.
  5. You can choose to forbid cookies altogether, but there are many legitimate purposes for Cookies provided they are regularly deleted (We'll get to that). However, few sites have legitimate reasons to use Third-Party Cookies; it is best to uncheck this box.
  6. Change the "Keep Until" setting to "I close Firefox": this way, regular cookies will be destroyed whenever you close/reset the browser, reducing long-term tracking.
  7. You are well advised to select "Clear history when Firefox Closes".
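
What steps 4 to 6 change from a tracker's point of view, as an added simulation (not part of the original page): the Browser and Tracker classes, the site names and the host widgets.tracker.example are all constructed for illustration. The model covers cookies only and ignores other signals such as the IP address.

```python
"""Toy model of third-party cookie tracking and two Firefox cookie settings.

Constructed for illustration: none of these names come from Firefox itself.
"""
import itertools


class Tracker:
    """A third-party host whose button or ad is embedded on many sites."""

    def __init__(self, host):
        self.host = host
        self._ids = itertools.count(1)
        self.log = []  # (visitor id, site that embedded the widget)

    def serve_widget(self, cookie, embedding_site):
        # The embedding site is disclosed by the Referer header; the cookie
        # (if the browser sent one) says which visitor is looking at it.
        visitor = cookie or f"visitor-{next(self._ids)}"
        self.log.append((visitor, embedding_site))
        return visitor  # value the response asks the browser to store

    def profiles(self):
        """Group the log into {visitor id: [sites the visitor was seen on]}."""
        out = {}
        for visitor, site in self.log:
            out.setdefault(visitor, []).append(site)
        return out


class Browser:
    def __init__(self, block_third_party=False, keep_until_close=False):
        self.block_third_party = block_third_party  # step 5
        self.keep_until_close = keep_until_close    # step 6
        self.jar = {}  # cookie host -> stored value

    def visit(self, site, embedded=()):
        """Load `site` together with the third-party widgets embedded in it."""
        for tracker in embedded:
            third_party = tracker.host != site
            if third_party and self.block_third_party:
                # The cookie is neither sent nor stored for this request.
                tracker.serve_widget(None, site)
                continue
            self.jar[tracker.host] = tracker.serve_widget(
                self.jar.get(tracker.host), site)

    def restart(self):
        """Closing the browser empties the jar only with 'keep until I close'."""
        if self.keep_until_close:
            self.jar.clear()


def browse(browser):
    """Constructed session: two sites, a browser restart, then a third site."""
    tracker = Tracker("widgets.tracker.example")
    browser.visit("news.example", [tracker])
    browser.visit("clinic.example", [tracker])
    browser.restart()
    browser.visit("shop.example", [tracker])
    return tracker.profiles()


if __name__ == "__main__":
    scenarios = [
        ("default settings", Browser()),
        ("keep until I close Firefox", Browser(keep_until_close=True)),
        ("third-party cookies blocked", Browser(block_third_party=True)),
    ]
    for label, browser in scenarios:
        print(f"{label}: {browse(browser)}")
```

With default settings the tracker holds one profile spanning all three sites; clearing cookies on exit splits it at the restart; blocking third-party cookies leaves three one-site profiles that the cookie alone cannot join.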

Now, to install some powerful plugins to extend Firefox's protections:

  1. Open the menu again (or skip straight to "Tools" if it's on the titlebar)
  2. Select "Add-ons"; this will open a special page in Firefox.
  3. Search for and install the following plugins (Use exact names, there are copycats. Also, consider supporting the developers if you can afford to):
    1. Adblock Plus: This allows you to subscribe to a user-maintained list that will block ads. This improves your browsing experience generally, but also helps prevent those ads from loading and setting trackable content on your browser.
      1. When you restart, you may be asked to select a blocking list. Easylist is good, but any in your language will help. Some versions of Adblock Plus ask whether to permit Google Ads; for privacy, it's best not to permit them either.
    2. BetterPrivacy: This plugin allows you to set auto-deletion of "flash cookies", AKA "Super Cookies".
      1. To configure BetterPrivacy once fully installed (which requires restarting Firefox), go to Tools->Add-ons, select "Extensions" tab (the jigsaw piece) and select "Preferences" next to BetterPrivacy.
      2. The first page allows you to search likely directories where Super-Cookies are stored, and to view and manage/block/whitelist cookies that you think you might need. In practice, few services will be negatively affected by the deletion of Flash/Super Cookies.
      3. The second page (Options and Help) is more important, because correct setup means you will rarely if ever need to look at this plugin again.
      4. On the Options/Help page you are advised to select "Delete Flash cookies on Firefox Exit" and "Delete Flash cookies by Timer". For the timer, you can optionally specify "Not if modified within time interval". If that option is disabled, all Flash Cookies not specifically protected will be deleted every (time interval you set); this may be a problem if you are using a web application that uses Flash Cookies for something other than tracking! If that option is enabled, a cookie that you continue "using" will be protected from deletion.
      5. Select "Also delete Flashplayer cookie".
      6. Select "On cookie deletion also delete empty cookie folders".
      7. Select "Disable Ping Tracking"
      8. That's it for BetterPrivacy: With a low deletion interval, flash cookies will be regularly cleared out, helping to prevent services online from tracking you through flash.
    3. NoScript: This plugin is optional, but only because its effects can be drastic if poorly set-up. For true privacy, it is essential, but it will occasionally impede your online behaviour unless you remember to check the little menu-icon it installs in the navigation bar; often, if a website seems to be broken it's because Noscript has forbidden something it needs!
      1. To configure NoScript (when you restart Firefox and it installs fully), go to Tools->Add-Ons again and select the "Extensions" tab (the one that looks like a jigsaw piece). Select NoScript.
      2. On the first page is an important option: for a nice balance of easy internet browsing and privacy, select "Temporarily Allow Top-Level Sites by Default". This will mean that your current site can use scripts to control your browser in ways that are insecure, but it means that you won't have to manually interfere with Noscript every time you want a page to load correctly. The least-secure and most convenient setting is "Base 2nd level domains".
      3. You might also select "Allow sites opened through bookmarks"; after all, if you bookmarked them, they are probably valuable to you and should function well.
      4. In "Whitelist", you might want to add sites like "youtube.com" if you want embedded youtube videos to display correctly on other sites. However, check the list and delete some default entries such as "Google.com", "Facebook.com", "MSN.net", etc; because you have set "Allow Top-Level Sites by Default", you don't need to whitelist these sites for them to function correctly when you visit, but why should they "function" when you're elsewhere, and they are trying to track you?
      5. In "Embeddings", you should probably forbid Java, Flash, Silverlight, <IFRAME> and "Other Plugins", possibly also "WebGL". Again, when you want a site to function, or it's on your whitelist (populated automatically as you browse and specifically "Allow" websites), these settings will cease to apply.
      6. In "Appearance" select "Contextual menu": This will place a little icon in the shape of an "S" with a "forbidden" mark upon it next to your browsing control buttons. Check this button when a website is misbehaving, and try temporarily permitting some third-party sites that might be responsible until the site functions correctly (while bearing in mind that some of them may be better off left blocked!). Enable the options you might want: you might as well enable all but "Full Domains" and "Full Addresses" (which are redundant provided "Base 2nd Level Domains" is checked).
      7. In "Notifications", decide whether you want NoScript to explicitly tell you when it has blocked items on the page, and how long for the message to remain. You can also choose "XSS" to have NoScript inform you of Cross-Site Scripting attacks, and a few other notifications besides.
      8. There are a host of other functions you may decide to edit; consult the Noscript documentation for these. Some may have sweeping effects on your browsing experience, others when tuned correctly will protect you against a host of attacks without being visible to you at all.


Chromium

Chromium is an Open Source browser best known for being the foundation beneath Google Chrome. Chromium works perfectly without the Google Branding, and plugins work just fine; given the choice between an Open Source and branded offering, the former is always preferable on balance. However, Chromium has less support than Firefox and fewer plugins to protect privacy and system integrity.

Chromium will work as-is, but it provides no specific privacy guards as given. Don't expect the "Incognito Mode" to do anything; this merely deletes local information on your computer after you finish browsing, without preventing people out in the world from seeing what you are doing at all.

Many of the plugins described above for Firefox are available also for Chrome and may be set up in the same way.

Choice of Internet Services

After choice of browser and suitable plug-ins are settled, it will be difficult or impossible for web services to track you unless you permit them to do so. This is where your own behaviour becomes an important determinant of your privacy and security.

Facebook

Facebook are the most brazenly insecure, anti-privacy web service in the world. If you value your privacy, you'll suspend (because you're not permitted to delete) your account with Facebook and "Forbid" them in NoScript.

  • The privacy issues with Facebook are not explicitly to do with your deliberate actions of placing private information on Facebook. Rather, Facebook make extensive use of cookies to track your behaviour across the whole internet; anywhere where you see a Facebook "Like" button, you are looking at a virtual "camera" designed to search your browser for cookies so Facebook can identify you. This happens even if you do nothing to or with the "Like" button, and is the primary reason to forbid third-party cookies and enable NoScript to prevent the "Like" button from loading.
  • Of course, your personal information is not secure on Facebook anyway; everything you place on Facebook is sold to marketers and demographic aggregators, including your private messages to others. If Facebook know you have hepatitis, you may encounter your insurance quietly increasing; though it's illegal in many places for companies to use third-party information in this manner, it's poorly policed if at all and Facebook are not selective in who they provide information to.
  • Furthermore, any Applications in Facebook that you or your friends enable can access your information; to be precise, any information that your friend can see about you, so can any applications he or she installs. This is the primary means by which the most successful Facebook Applications make their money; Farmville or Gangster Wars are just pretty front-ends for widespread spyware applications. Even the USA's drone warfare control centers have been infected with malware by Facebook Applications.

Alternatives to Facebook: Diaspora

Diaspora*, an open-source, federated social network, provides an extensible and highly flexible social network for the privacy conscious. Because Diaspora can be installed on a local server if desired, a community could decide to host their own social network but have access to the full meta-network of other Diaspora users. This federated network model means that user data can be saved in a country that respects user data and privacy while communicating fully with users in less respectful countries.

For single users, there are already many Diaspora "pods" that allow open signup for members, in a selection of countries. These servers, known as "Pods", can be chosen by their "uptime" (the amount of time a server spends functional and online) and their jurisdiction to give a good balance of privacy, protection and convenience.

Gmail and Google Docs

Google, while they began with a very transparent agreement on user privacy, have fallen victim to competition with Facebook (which has severely lowered their ethical standards) and interference from the US government, with whom they comply quietly and completely on almost all demands no matter how baseless or unreasonable.

  • Google aggregate massive amounts of data on most web users; everything you search for is added to a profile on you if it can at all be linked to you (which it usually can; by active log-ins to Gmail or other Google Services, by cookie-tracking and IP-address geolocation, etc.). As with Facebook, they use this data to make money on advertising, though Google tend to act as a firewall between your actual identity and the advertisers whereas Facebook simply sell the data with your name, age, address etc. intact.
  • Users keep a nigh-unparalleled amount of valuable and private information on Google, from Email to Documents to private photographs.
  • Under US law, there are few protections over user data. Intrusive, disgruntled or bored US government officials may access your data with trivial ease, which would give them your password (probably used elsewhere, right?), your entire email history, your search history, your browsing history, and a sizeable chunk of your online purchase information. If you have a smartphone with an active Google application, particularly Google Latitude, they might even be able to access your precise location at any given time. Accessing this information requires a warrant for some bodies, but others may use PATRIOT act requests, which are interpreted in arcane ways by the US government with the result that there are basically no restrictions on their ability to invade personal privacy.
  • The Google Plus API, like the Facebook Like button, is used to track users across the internet. NoScript and disabling third-party cookies can protect against such tracking if correctly set up (see the guide on setting up Firefox, above).

Alternatives to Gmail: Hushmail or Own Email Server

Hushmail is a commercial service based in Canada that offers secure webmail, though accounts must be paid for if they are to reliably last longer than a month. Accounts supporting IMAP or POP (necessary for accessing email via any means other than webmail) cost about $50 per year. Hushmail are dedicated to protection of user rights, and though they will hand over user data to legitimate legal requests (as any service should), they will only do so after verifying that legitimacy. Additionally, Hushmail is based outside the US, providing a measure of legal insulation from that country's surveillance excesses.

Personal Email Server - If a technical person in a community can set up and maintain an email server for other members of the community, a web-of-trust is formed in which everyone knows who can access and read their email. The primary manager of the email server should be assumed to have access to everyone's email if he or she chooses to read it. However, this is no different from Gmail, Yahoo or Hotmail services, where potentially thousands of employees can access a user's email.

  • Security: It could be that a person who you know personally is more likely to read your email, and the impact socially will be greater. Therefore, a wise community could implement checks upon a local mail hosting server:
    • By having one person keep the password to the server itself (which is by default secured in a password-required state) and having another person keep the password to the email server system and associated files. In this way, both maintainers are required to manage the email server if it needs maintenance. Only one need be a technical sysadmin; the other only needs to recall a password and act as a witness.
    • A local mail server can be more easily and reliably configured for PGP encryption through the webmail interface, whereas entrusting keys to a distant server means that anyone with access to the server can decrypt the email. This is a technical distinction but one which is very relevant to users whether they like it or not if they use encryption. Of course, no encryption at all is worse yet.
  • Convenience: Having a local server offers a bunch of advantages that are hard for a commercial service to match.
    • Collectivist hosting means that your storage allowance may be relatively large; if a community server hosts 100 people and the server has 2TB of hosting space, this means that each user could be allotted 20GB of space for email and documents, far more than most commercial offerings. When more space is needed, it can be upgraded by the community quite cheaply as a one-off payment.
    • A personal web server can be established so that it provides IMAP/POP email for phones, email clients and other personal servers, and a selection of user-friendly or well-featured webmail systems. SquirrelMail, Horde and RoundCube are three open-source webmail systems that provide different balances of features against user friendliness. Beginners can simply use the prettiest client they like, while advanced users can avail of a wide selection of plugins and customise their webmail experience.
    • Backing up email from a local system can be achieved by asking the system administrators to permit temporary access to the actual server, where a USB disk will suffice. Contrast this to the long process of downloading mail from Gmail via getmail or other network-based systems, which may in themselves be quite insecure; they pull email across the internet all over again, permitting skilled persons another chance to read your email!

Alternative to Google Docs: Owncloud

See below under "Alternative to Dropbox" for a round-up on OwnCloud's functionality as a virtualised folder and rich-interface online file manager. For document management, plugins for Owncloud are due soon that will enable basic file editing, and more functionality is expected over time.

Alternatively, by accessing files through a synchronised folder on a local computer or Android phone, documents can be edited locally with your favourite application; changes will then be synchronised to the Owncloud server. For mobile workers, this means that an Android Phone could be plugged into a computer at an Internet Cafe, the documents on the phone edited as needed, and when the phone next synchronises with OwnCloud the changes will be made to the server copies and new files uploaded. In this way, Owncloud already offers more flexibility than Google Docs for document management and editing.

Owncloud is not trivial to set up, and so a technical community member would be required for normal users to have access to Owncloud.

Twitter

Twitter, while it has behaved more ethically than any other company on its scale, is still worthy of moderate suspicion for two reasons:

  • Firstly, that its embedding API (Tweet this buttons etc.) could be used for user tracking in the same way as Facebook Like buttons and Google +1 buttons,
  • Secondly that, as a corporation within the USA, they are just as subject to arbitrary access to user data as any other company. However, Twitter (unlike any other company at its scale) has made a point of informing users when their data is subpoenaed, going so far as to sue the government to remove a gag order in order to do so.

Alternative: Identi.ca OR Status.net

Identica is the flagship server for Status.net, an open-source Federated Microblogging Client that can be installed on a home server if desired and still communicate with the greater network.

If a community server is established, Status.net software would be preferable, while for individuals Identi.ca offers a nice blend of Twitter-integration, application support and maintenance-free use.

Dropbox

Dropbox, a virtual file hosting and folder virtualisation system, allows users to treat a local folder on their PC as a "shared folder" with other computers, and to access the contents of this folder from elsewhere through an online interface or to share those documents with others. It has a free plan for 2GB of storage and paid hosting for greater amounts.

  • Dropbox has a poor security model which allows knowledgeable crackers to determine the contents of a user's dropbox under some circumstances, which may be enough to compromise their privacy on its own.
  • Files stored by Dropbox are subject to the same arbitrary government invasions as with Google or Twitter.

Alternative: OwnCloud

OwnCloud is an Open Source software system that allows you to set up your own "Cloud" on your Personal PC or home server, which you can then access from around the world to load files on and off, modify documents, log into web services via OpenID, listen to music, etc. It behaves in many ways as a particularly rich alternative to Dropbox, as it can integrate with the desktop of a remote computer through WebDAV to provide a virtual folder.

  • While OwnCloud requires setup by an advanced user, it is suggested that a community, group, family or club ask a knowledgeable member to set up and manage a community server on which email, Owncloud and other services are hosted.
  • Once set up, OwnCloud offers more features, far more space and a richer online interface than Dropbox.
  • Local file hosting means that you will always know when and if someone accesses your data by legal means, because you will be the one to receive the legal notice.
  • If desired or needed, FTP can be used to manage files on an Owncloud server, which may be more efficient or secure (if sFTP is used) than the Owncloud web interface or local shared folder.

Methods of Securing Your Email

Changing Mail Hosting to a Secure Server

As mentioned in "Alternatives to Gmail", Hushmail stand out as a good commercial alternative to Gmail that provide full functionality, although they require yearly payments in order to provide the full suite of functions. That's to be expected; Gmail is free because users are the product, whereas Hushmail provides the email service itself as a product, and users must pay for the privilege of respectful email hosting.

Also as mentioned above, the option exists for a community or individual to establish their own Email server, which has more advantages than one might expect provided a pair of technical users can be found or hired to maintain the server.

Using Email Encryption

Your email is not secure. When you send email, it is not sent like a "letter", with an envelope keeping the contents hidden: it's more like a postcard, that anyone along the way can read. When it reaches the mail server, it's open to the managers of the mail server to read whenever they like. When you download it from the server (if you're not using https://), anyone can see what you're reading and possibly even hijack your email.
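
One way to see the "postcard" problem on mail you have already received, as an added example (not part of the original page): each relay records how it received the message in a Received header, and the RFC 3848 keywords ESMTPS, ESMTPSA, LMTPS and LMTPSA mark hops that used TLS. The message, host names and addresses below are constructed; Received headers can be forged or omitted, so the result is a hint about the path, not proof.

```python
"""Flag mail hops that were not protected by TLS, using Received headers."""
import re
from email import message_from_string

# Constructed sample message. Relays prepend their header, so the newest
# Received line is at the top and the sender's own submission is last.
SAMPLE = """\
Received: from relay.isp.example (relay.isp.example [203.0.113.5])
\tby mx.recipient.example with ESMTPS id abc123
\t(using TLSv1.3); Mon, 01 Jan 2024 10:00:03 +0000
Received: from out.sender.example (out.sender.example [198.51.100.7])
\tby relay.isp.example with ESMTP id def456;
\tMon, 01 Jan 2024 10:00:02 +0000
Received: from laptop.local (unknown [192.0.2.44])
\tby out.sender.example with ESMTPSA id ghi789
\t(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384);
\tMon, 01 Jan 2024 10:00:01 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: constructed example

Message body.
"""

# "with" keywords that RFC 3848 defines for transfers protected by TLS.
TLS_WITH_TYPES = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

HOP = re.compile(
    r"from\s+(?P<src>\S+).*?\bby\s+(?P<dst>\S+).*?\bwith\s+(?P<proto>\S+)",
    re.IGNORECASE,
)


def hops(raw_message):
    """Return [(from_host, by_host, protocol, used_tls)] in delivery order."""
    msg = message_from_string(raw_message)
    result = []
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(str(value).split())  # unfold continuation lines
        match = HOP.search(flat)
        if match is None:
            continue  # header without the from/by/with clauses
        proto = match["proto"].rstrip(";").upper()
        # Some servers only mention TLS in a free-form comment, so accept
        # either the registered keyword or a literal "TLS" token.
        used_tls = proto in TLS_WITH_TYPES or re.search(r"\bTLS", flat) is not None
        result.append((match["src"], match["dst"], proto, used_tls))
    return result


def unencrypted_hops(raw_message):
    """Return the (from_host, by_host) pairs that show no sign of TLS."""
    return [(src, dst) for src, dst, _, tls in hops(raw_message) if not tls]


if __name__ == "__main__":
    for src, dst, proto, tls in hops(SAMPLE):
        status = "TLS" if tls else "PLAIN TEXT"
        print(f"{src} -> {dst} via {proto}: {status}")
```

In the sample, the submission and the final delivery are encrypted but the middle leg is not, so the message was still readable in transit; transport encryption also does nothing about the servers themselves, which is the gap the encryption described below addresses.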

Encryption means securing your email so that only you and the intended recipient can read the email, whether they have access to your inboxes or are listening in the middle or not. Provided they cannot break the cypher system used, they cannot read the email no matter where it is.

Pretty Good Privacy

The most common method of email encryption used is Pretty Good Privacy (PGP), and the most common system used to apply PGP to email is the Gnu Privacy Guard, known as GnuPG or GPG.

PGP functions on a public key/private key basis. Visualise it thusly; every email user has a "public key" that enables anyone to "lock" email destined for them. However, the email cannot then be "unlocked" with the public key: for that, you require the private key. When a user starts using PGP/GPG, the first step is to generate a key-pair for the email address it will be used with. How this is accomplished depends on the key management system chosen/used.

It is important to know without needing to understand that with the public key, a person can technically decode email, but to do so is impractical because an enormous amount of computing power and time is needed. However, with the rapid advancement of technology, your key pair will eventually be too "weak" to be considered secure. For this reason, it is best to start out with the strongest key pair you can generate; this is not the same as having a strong password, but you should have a strong password to protect the actual keys from prying eyes that might get access to them.

Keys have a strength measured in "bits", roughly equivalent to the actual length of the key: a 64-bit key is virtually useless today, as computer power is enough to crack it easily. Keys are now measured in thousands of bits; over two thousand is strongly advised, over four thousand is preferable. This means it will take more computing power to encrypt and decrypt email at either end, but it means the privacy of the emails will be preserved for longer.

Keys, once generated, are managed thusly: The Key Pair can be exported to an "Armoured Ascii File", which contains the keys in an encrypted way; this means that someone who accesses the file can't just read the keys without a password to decrypt them. This password should be as good as you can manage; a long (greater than 20 letters ideally), non-predictable (no poetry, favourite quotes or names of famous people) sentence with some numbers is ideal. If you can remember symbols, throw some in there, but the length is most important, not the complexity. Keep it long and memorable, not short and arcane.

The "public Key" is usually broadcast widely; your key management system will allow you to publish the keys to key-servers, which will probably be loaded into the defaults so you simply select a menu item saying "publish key". This allows anyone to search for your email address from the key server and download your public key. Many people also include their public key in email attachments, link to it from their signature, keep it on their personal webpage, or digitally "sign" their email with the key (this also ensures that recipients with GPG/PGP can see that the email was not tampered with on its way to them).

Setting up GnuPG

GnuPG is easiest to set up and interface with email on Linux. In fact, GPG is already installed on most distributions of Linux, patiently waiting for the user to set it up.

Insert instructions for users of other platforms

Setting up a Mail Client to Use GPG

First things first: as with most products of that suite/family, just stop using Outlook. Outlook doesn't comply with many web standards, meaning other email users won't be able to correctly decode Outlook emails and vice versa sometimes, and it doesn't support PGP/GPG. Also, as a commercial email offering, there is no way to know how secure your email is in Outlook.

For modern systems, the latest version of Mozilla Thunderbird is an excellent choice of Email client (Debian/Ubuntu users: Download it from the site, not the Software Center; the SC version is very outdated). For slower computers, Sylpheed is a great client with built-in GPG support, as is Claws Mail. For truly antique systems, a Terminal-based email client such as Mutt (www.mutt.org) will function speedily but requires arcane user configuration.

Assuming you are using Thunderbird, you will need to install a plugin named Enigmail to manage GPG. Enigmail can be downloaded from the above site or through the add-ons manager within Thunderbird. Enigmail is perfectly integrated upon install, and includes its own key management system which makes it easier for the user to manage friends' keys, upload their own public key, etc.

Settings in the Enigmail preferences allow you to choose whether to auto-encrypt email or leave it to your choice as you write your emails. It also allows you to choose whether to "sign" your outgoing mail: this function allows recipients to know that:

  • You sent the email, because nobody else should have been able to use your secret key to sign it
  • The email wasn't tampered with along the way.

Other people using PGP will get a warning if the signature is wrong, which would imply either tampering or an attempt to forge your digital signature. Bear in mind; unsigned mail won't show any warnings, so if your friends don't expect tampering and don't demand a signature, this won't prevent people spoofing your email address and pretending to be you (which is a lot easier than it sounds).

The Key Manager in Enigmail allows you to search for public keys of your friends or acquaintances: search for their email, and you'll get their public key if they have one. Their keys can be imported into the key manager, and if your settings support it then they will automatically receive email encrypted for their eyes only. You can also export keys; your own key pair, as an armoured (encrypted) .asc file for import into another email client (for your desktop and laptop, or a work computer for example), or a collection of public keys for your friends for import into another client.

For some reason likely related to extreme paranoia on the part of the creators, you can't bulk-search-import keys from all of your contacts at once, and you can't set up Enigmail to search for a key whenever you send an email for recipients with no key already loaded. You have to manually search for a key for each individual, one at a time. Once you have them however, export and import is easy.

Try a search through your email history for "PGP public key" and see how many of the people you have shared email with have a key in their signature; you might be surprised!