Feeds

Still sending naked email? Get your protection here

Buckle your seatbelt, encrypt your bits

  • alert
  • submit to reddit

The Power of One eBook: Top reasons to choose HP BladeSystem

Step 3: Install the Enigmail add-on for Thunderbird

If you plan to receive encrypted emails on a regular basis, you'll probably want a seamless way to decrypt them. Plenty of email clients, Thunderbird among them, have ways to do just that. This tutorial assumes you've already installed Thunderbird. If you haven't, you can either install it first or skip this step and find some other way to decrypt your messages.

Navigate to this page on the add-ons section of the Mozilla website. Click on the "Download now" link and save the file (at time of writing it was enigmail-0.95.7-tb+sm.xpi) to your desktop.

In Thunderbird, go to Tools > Add-ons and then click the Install button at the bottom left of the popup window. In the "Select an extension to install" window, change the folder to your desktop. In the list of files, highlight the Enigmail file you just downloaded and choose Open. In the resulting Software Installation window, click Install Now. Then restart Thunderbird.

Enigmail should immediately open an OpenPGP Setup Wizard that prompts you to select a key to sign and encrypt email. Highlight the key you just created and select Next.

Once Enigmail opens, choose the key you just created

Once Enigmail opens, choose the key you just created

By now, one of the contacts you emailed earlier should have had time to send you an encrypted message using your public key. When you use Thunderbird to open it, you'll be prompted for your passphrase. Enter the passphrase you chose when you generated your key pair. If all goes well, Enigmail will decrypt the message and it will look something like this:

With the private key, email looks like this

With the private key, email looks like this

Congratulations. You've just decrypted your first email. For an idea what the same message looks like to anyone without the key, open the same email on a web-based email service or a client that hasn't been set up to work with your key pair. It will look something like this:

To a snoop without the private key, the same email looks like this

To a snoop without the private key, the same email looks like this

Note that subject lines are never encrypted, so remember to never include private information there.

Designing a Defense for Mobile Applications

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.