Hey, what’s up everyone. I want to give a demonstration on how to send encrypted email.
For those that don’t know, regular email is actually not very secure at all. There have been several cases in the news lately where people’s emails have been hacked. So I’m going to give a demonstration using a tool called Mailvelope. It’s a free tool. It’s a great gift to the world.
Mailvelope leverages PGP another great gift to the world. PGP is an encryption method, it’s been around for a long time and it is very effective there’s no known way of breaking it directly so when used properly, you shouldn’t have much to worry about. So to get it going we’re going to make this so you can use it for your regular email like on Gmail, Yahoo, Outlook.com, iCloud.
So we go to Mailvelope.com and you have to install an add-on.You can choose Chrome or Firefox.
Just click on that “allow” hit install, basic stuff now over on the right here, it’s going to say this lock appears it says Mailvelope. Great.
Click on “options” and now let’s say I’m trying to communicate with my buddy.
You actually never need to talk on the phone or meet in person, you can start via regular email and turn it into encrypted emails.
But what you first need to do is create a public and private key. So to do that you go to “generate key”.
It will ask for your name. You can put whatever you want here but other people will be able to see it. So you don’t want to put something offensive or something you’re embarrassed about.
Same thing with email although it’s a little easier if you put your real email because it synchronizes with other address books nicely. So it’s probably best to do that.
There we go, I put in somebody’s name who definitely could have used Mailvelope earlier this year.
For your settings, 4096 is definitely what you want to use. You could use lower ones but that just increases the highly unlikely chance that someone can break through and read your message so 4096 is safe.
You need a password, I’d recommend at least 20 characters a couple random words and maybe some numbers should probably be safe enough but the longer the better.
Now you will have to enter this somewhat frequently, so you don’t want it to be something that’s impossible to remember.
You can upload your public key to the Mailvelope server, that’s up to you — it just makes it easier for people to email you. We’re going to hit “generate”, this can take anywhere from 10 seconds to about two minutes depending on mostly just luck.
It has completed. If I scroll up and look at my display keys, this is kind of like a Rolodex of keys that you can communicate with.
Right now I only have the account that I created. But if I can dig in I’ll see it’s actually a set of two keys. There’s a public and private key.
I’m going to grab both these by clicking on export you grab one or the other or both I’m going to grab both by hitting ctrl+A ctrl+C paste them into two text files.
The public key is one that you can give to anybody it is there’s no risk in handing it out you have to give it to someone for them to encrypt a message directly to you, but there’s no harm in sending this out, putting it on an email signature pasting it on your doorway.
You’ll notice it’s shorter than your private key over here the private key, intuitively, you want to keep private. It says “private” up here this one says “public”. The private key is basically a direct method to decrypt all of your messages they would have to get through the password you set up but you probably don’t want to take that chance so protecting your private key is really critical to maintaining good privacy.
So I wouldn’t even save this in plain text, in the cloud. I’d encrypted somewhere else or hide it somewhere with it where you just don’t want to risk losing it.
But now we have a public key you want to share this with some with your buddy or I want to share this with my buddy so that he can send me encrypted messages.
I’m going to jump back over to Firefox and this conversation left off here I’m just going to write back in regular text saying, “hey I have a public key here it is” and I can just paste that in there.
I don’t care if everybody under the sun reads this, I’m just going to send it because all that allows someone to do is send me an encrypted message. They can’t read any of my messages.
I’m going to jump over to that other account here we go I’m going to hit “show” the message comes through. Mailvelope automatically recognizes any sort of PGP information so it’s that it recognizes “Begin PGP text” public key.
So it’s got the option to add in this public key. I’m just going to click this plus right here and it says “success”. You’ll notice that if I go to the bottom here it uses the name and the address that I gave it before.
So when I said be careful about putting in some name that you’d be ashamed of, this is an example of where it would be exposed. I mean it’s part of the software so just put in something you expect other people to see.
So now my friend can write back to me an encrypted message. The way he does that or both of us would be to hit “reply” and again we’re in regular Hotmail here.
I’m in Chrome but the other wasn’t in Firefox works the same you click on this little “compose” button and then you can start typing away.
It recognizes my address because I’m in the keyring and I can start typing. All right I put in some sensitive information that I’m going to send back to myself and I’ve also included the public key for this account down so both accounts will have each other’s public key so they can send messages freely to each other.
So I’m going to hit “encrypt”, now by hitting encrypt it actually knows to paste this encrypted method into the message over here. So it takes this window and paste it into here.
If you get caught in between you might want to be careful that you don’t accidentally close the window because then you can lose you message, but I hit “encrypt” and it sends this long completely eligible message back to my PG code Rider account. So I’m going to hit “Send.”
Jumping back over to Firefox.
There it is and I’m going to open up that message now again Mmailvelope recognizes this as a PGP message so says gives me this kind of glow around the message which the message itself again is completely illegible that Google’s trying to translate it as Danish.
I don’t know how I’d feel about that if I was Danish, but I want to click on the envelope, and because I entered my password previously it saves it for 30 minutes but it will decipher this encrypted message it has all of the key information.
So if you wanted to send all of this sensitive information you could password Social Security numbers Mailveope allows you to do that. Now I also sent the public key as an encrypted method which it didn’t need to be encrypted but easy enough.
I’m going to copy this here and I’m going to go back to my Mailvelope here we go and I’m going to hit “import keys” not “generate key” like I did before.
So I’m just going to paste this one in there and I hit “import” and it says down below “success” public key blah blah blah and “Emperor Trump” that was a goofy name I made for this account as well.
If I go back to my display keys list, I now have two entries. I’ve got the original one I generated and I have the second one I just copied and pasted in.
You’ll notice the second one only has one key here while my original one has two. And as I’m sure you can guess, that’s because this one has a public and private key, while this Emperor Trump one only has a public key.
My friend and I do not share each other’s private keys with each other. Only our public keys.
So now we can send encrypted messages back and forth with each other. A couple other the random notes, if you lose your password or your private key, you’re out of luck.
Mailvelope doesn’t know your information so you have to protect that on your own.
If you have more than one person on an email thread, let’s say I had wanted to reply to a bunch of people, you can actually encrypt it with everyone’s key so that everyone can read the message in fact when you compose a message.
Mailvelope will encrypt with your public key as well allowing you to read your own message. So if you’re looking at your sent mail and you want to read it, you can see what you sent to somebody else which is nice in previous versions you couldn’t do that.
Disadvantages are obviously you can’t search like you would a normal Hotmail message but that’s a small price to pay to have a secure messaging.
So again big thanks to Mailveope for making a great product and I hope you find this useful and just think you know a lot of a lot of campaigns a lot of important people could have really saved themselves some aggravation just using the simple tool.