Over the last few years, we have repeatedly witnessed that our communication mediums are no longer secure. Various examples can see, be it the public disclosure of General Petraeus’s affair in 2012 or the Sony compromise in 2014, after which over 170,000 emails were released. In 2015, the Ashley Madison Compromise led to the public release in which the CEO’s emails were unveiled.
However, we witnessed that the information extracted via these emails was destructive at worst and damaging at its best. That also reminds us that whatever we consider safe should not be perceived this way.
Emails are considered to be a hoard of information. Therefore, we should think carefully before putting the information in our emails. Or else we should spend a little time considering ways to secure our emails from prying eyes.
OpenPGP For Email Encryption
OpenPGP has been derived from the Pretty Good Privacy (PGP) protocol. Phil Zimmermann developed this protocol in 1991. This PGP protocol is a non-proprietary protocol for encrypting email using public-key cryptography. In 1997, the IETF – Internet Engineering Task Force formed the working group, i.e., the OpenPGP, whose focus was to take the once proprietary PGP protocol, which Zimmermann developed. In 1997, it became an IETF proposed standard under RFC 4880. By doing so, it has become the preferred means of encrypting emails.
Mailvelope for Webmail Email Encryption
Email encryption will only work if we integrate it into our daily workflow. This would mean that we need to incorporate email encryption with our browser, which we preferably use.
Mailvelope has remarkably gained an appreciation for its easy-to-use interface and ease of integration. Mailvelope is a browser-based extension that works with many popular browsers like Firefox, Chrome, Opera, etc.
For security freaks, it is good to know that nothing is shared back with the networks as the keys are maintained client-side. However, there are some inherent risks associated with browser-based extensions. They retain things like an individual’s Private keys for things like GPG. Nonetheless, it narrows to an individual’s risk posture like other security-related things.
Configuring Mailvelope with Gmail
This tutorial will help you configure Mailvelope with Gmail. So, if you are interested in giving Mailvelope a try, then this tutorial will help you get started with:
- Install the Extension
On a Mac, you can navigate to Windows. Then click on Extensions > Get More Extensions. Use the search function to search for Mailvelope.
- Navigate to the Mailvelope Options Panel
The extension will automatically add a menu option to your preferred browser, like the one shown below:
By clicking on the lock with a key, you will navigate to the Options. Here you will see the options button on the menu:
- Create Your Private/ Public Key Pair
You will be directed to the Options page; thus, if you have existing keys, you can upload them. However, if that is not so, then you can easily create a new pair:
The Generate Key option is the one that you get you started, and you will see a page like this one:
The email is the email for which you want to have the key, whereas if you have various emails, you can create the key for all your emails. The password is what you need to decrypt the encrypted emails. This is why you mustn’t forget the password. However, the password formed should be complex, lengthy, and unique rather than a simple and easy-to-guess password.
The key will be generated once you click on Submit. A success message will be shown if the key is successfully generated. Just like the one depicted below:
You will find the keys in your Key Manager. You will be able to locate it as Display Keys in the Mailvelope menu options:
- Add and Share Your Public Key
The only issue you will encounter would never be with the configuration; instead, to make Mailvelope work, you will require the participation of people. However, if it is not so, then you can have PGP configured and read, but there will not be a single person to use it with. The fundamental details will help you to share your public key:
Only the Public key is the one that would be shared. The Private Key will be kept to your own, and you are asked not to share it at all costs. To import, you will navigate to Import Keys in the menu options, and the recipient’s public key will be uploaded.
- Send your First Encrypted Message
You can send your first email once you have someone to communicate with. Once you open your email client, a new option will be seen in the email, allowing you to encrypt. You can now type in your message by clicking the new editor button in the email and through the new pop-up form.
In the image below, you can see that it will carry your existing email signature.
When you are done with the message, click on Encrypt. After that, select the individuals you want to encrypt for (Note that you will need someone else’s public key to make this work). It is of prime importance that you select your email and then your recipient’s email because if you don’t, you won’t be able to read your own email.
A mess will appear after you click on Ok.
This mess will be pushed to the email once you click on Transfer. The email is now ready to be sent to the recipient(s).
Once an email message is decrypted, the recipient receives the message. This is how it looks when a recipient gets something through the Gmail web client.
The Importance of Privacy
The original meaning of the word “privacy” seems to be long forgotten. Going online with a mindset of browsing privately is no longer possible. The various communication mediums we trust to provide us with the promised security rarely stand by their promise. It would help if you kept in mind that whatever you share will likely be consumed by someone other than those you intend to share your stuff with.
However, with advanced technologies like OpenPGP, we can ensure our shared content’s privacy. Mailvelope not just assures us of privacy but makes it practical as well.
With the rise of IT vulnerabilities and threats, we can no more stress the importance of taking privacy more seriously. Over the past few years, the different examples of compromises have significantly impacted business and online security. The various email compromises led to the release of emails that were comprised of sensitive data. Some emails also contained inappropriate/embarrassing content, which was supposed to be shared privately.
Therefore, it is essential to employ encryption for various dire functions within a company or an organization. Since encryption, or the importance of privacy, has footholds far beyond just emails, it is an excellent place to start.
Share this article
About the Author
Waqas is a cybersecurity journalist and writer who has a knack for writing technology and online privacy-focused articles. He strives to help achieve a secure online environment and is skilled in writing topics related to cybersecurity, AI, DevOps, Cloud security, and a lot more. As seen in: Computer.org, Nordic APIs, Infosecinstitute.com, Tripwire.com, and VentureBeat.More from Iam Waqas
How to Encrypt Your Emails on Gmail, Yahoo, Outlook, and G Suite
Encryption is, so far, the best possible way of securing your emails. With encryption, your informat...
How To Encrypt or Password Protected A Flash/Thumb Drives
Encrypt All types of Thumb, Flash, USB, and portable drives. An easy step-by-step guide to complete ...
2 Best Ways To Encrypt Your Files And Folders In macOS
Encrypt your sensitive file and folder in macOS easily – quick steps to be encrypted Your Mac ...
How to encrypt PDF files on macOS and Windows – Complete Guide
PDFs are the most common attachments in the email after docs. These lightweight, presentable documen...
How to Encrypt and Decrypt Files / Folder In Windows in 2023
Windows is admittedly popular and unexceptionally easy to use. However, you might also know it is on...
How To Encrypt uTorrent And BitTorrent Traffic – Best Easy Ways
Quick summary You can adopt many ways to encrypt uTorrent or BitTorrent traffic, but the most reliab...