I have been reading the book I bought at the International Spy Museum in Washington DC, The Snowden Files by Luke Harding, and I have actually learned something from it.
The book mentions that Snowden used PGP to encrypt his emails. I am somewhat familiar with encryption since we encrypt the social security numbers stored in our databases at work. But I never did figure out how to encrypt my email. Recently I have found something that works, Gpg4win (GNU Privacy Guard for Windows). This software has an Outlook plugin which makes it easy to decrypt email in Outlook. The documentation is great and tells you exactly how to get started using this software. There is even a German robot that you can exchange encrypted email with to ensure that everything is working.
Unfortunately I doubt that I will find anyone to exchange encrypted email with. Setting it up is still technically challenging and most people won’t want to go to the extra bother. I think my clients should send me login information using encrypted email at the very least. But that probably isn’t going to happen. However, it isn’t a complete waste of time to learn how PGP works. Some web sites will communicate with you using encrypted email. I found this to be the case with a financial web site which offered the option of using PGP for its emails. For some reason, the Outlook plugin would not decrypt its email but I figured out how to save it as a text file which the Gpg4win program Kleopatra can still decrypt. I plan to use PGP to encrypt some text files on my laptop which contain the financial data I need while traveling.
PGP encryption might not be good enough to protect your data from the NSA. I still think you should use something peculiar that you have developed yourself. That may not be 100% secure but somebody would have to devote resources to break the encryption. I have found some code that does encryption using a source text like a book which must be known to decrypt the message. In other words, you have to know what book was used by the program. This would be unconventional enough to frustrate any casual snooping.
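A minimal sketch of the kind of book cipher described above, added here as an illustration and not the code the post refers to. The function names and the sample book text are assumptions; each character of the message is replaced by a randomly chosen offset at which that character occurs in the shared text.

```python
import secrets
from collections import defaultdict

# Sample stand-in for the shared book (assumption for this example);
# sender and receiver must hold exactly the same text.
BOOK = (
    "It was the best of times, it was the worst of times, it was the age of "
    "wisdom, it was the age of foolishness, it was the epoch of belief, it was "
    "the epoch of incredulity, it was the season of Light, it was the season "
    "of Darkness, it was the spring of hope, it was the winter of despair."
)

def build_index(book):
    """Map each character to every offset at which it occurs in the book."""
    index = defaultdict(list)
    for offset, ch in enumerate(book):
        index[ch].append(offset)
    return index

def encrypt(plaintext, book):
    """Replace each character with a random offset of that character."""
    index = build_index(book)
    missing = sorted(set(plaintext) - set(index))
    if missing:
        # The book limits the alphabet: a character it lacks cannot be sent.
        raise ValueError(f"characters not present in the book: {missing}")
    return [secrets.choice(index[ch]) for ch in plaintext]

def decrypt(offsets, book):
    """Look each offset up in the book held by the receiver."""
    if any(not 0 <= o < len(book) for o in offsets):
        raise ValueError("offset outside this book: wrong source text?")
    return "".join(book[o] for o in offsets)

if __name__ == "__main__":
    secret = encrypt("the password is hope", BOOK)
    print(secret)                 # list of offsets, different on every run
    print(decrypt(secret, BOOK))  # original message, given the same book
```

Both sides need the identical text, character for character; a different edition or a stray space shifts every offset and the message no longer decodes.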