Tuesday, 26 October 2010

PGP and the Mac

We are more and more open in our communication. Facebook, Twitter and other social media urge us to be very open, and not very secure.

For some things, though, we want to be able to communicate in a secure way. We want this for credit card details of course, but we should also think about it more often when communicating by email. Do I really intend people to read what I am writing? Do I want to send my private details for anyone to read?

There is a simple solution to the problem, and it's been around for a long time. It's called "Pretty Good Privacy" (PGP), and when it was created it was the focus of some controversy and US government involvement. In short, the security level provided was beyond that which the US government wanted us all to have, so they tried to stop the export of the product. The original implementation remains commercial, but there are free implementations too, such as "The GNU Privacy Guard" (GPG). Using free software packages, you can easily set up Mac Mail to receive encrypted email and to sign the email you send, so that recipients can verify that it came from you.

First, download Mac GPG: http://macgpg.sourceforge.net/

Second, use the GPG Keyring Manager to generate a key pair (a Private and a Public key). It is all very simple: just select Key -> Generate in the menu and do what the program tells you to do ;-). Send the Public key, any way you like, to the people you want to receive encrypted mail from; you should also upload it to a central key server (under Key -> Send to Key server). Do this for all your email addresses.
Keep the Private key for each email address safe, very safe.

Third, install GPGMail: http://www.gpgmail.org/
This interfaces nicely with GPG within Mac Mail, so that you can sign and encrypt messages right when sending them, and also automatically encrypt replies to encrypted mail.

The only remaining task then is to 1) convince people around you to start using PGP/GPG, and 2) get their Public keys into your keyring. Exploiting the fact that the Address Book in OS X is an SQLite3 database, the one-liner below gets all the email addresses you have (or at least the ones stored in the ZABCDEMAILADDRESS table) and searches the key server for each of them. Copy and paste it into a Terminal window and you'll be able to import any keys that match an email address.

for a in $(sqlite3 ~/Library/Application\ Support/AddressBook/AddressBook-v22.abcddb 'select ZADDRESS from ZABCDEMAILADDRESS' | sort -u); do gpg --search-keys "$a"; done
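
A more defensive take on the one-liner above, as an added example that is not part of the original post: it filters the address list before anything reaches gpg, skips addresses that already have a key in the local keyring, and prints fingerprints for checking. The function names and the deliberately conservative address pattern are assumptions of this example; the database path and table name are the ones used in the post.

```shell
#!/bin/sh
# Added example (not from the original post).

# clean_addresses: read one address per line on stdin and print only the
# usable ones, lower-cased and de-duplicated in order of first appearance.
# Address book fields are free text, so they are treated as untrusted input.
clean_addresses() {
    tr -d '\r' | tr '[:upper:]' '[:lower:]' | awk '
        /^-/ { next }   # would be parsed by gpg as an option
        # Conservative pattern (assumption): plain local@domain.tld only,
        # which also excludes whitespace and shell glob characters.
        !/^[a-z0-9._%+-]+@[a-z0-9.-]+\.[a-z]+$/ { next }
        !seen[$0]++     # print each address once
    '
}

# fetch_missing_keys: for every address given as an argument, search the
# key server only if the local keyring has no key for it, then show the
# fingerprint of whatever is in the keyring so it can be checked.
# A for loop is used so that gpg keeps the terminal for its prompts.
fetch_missing_keys() {
    for addr in "$@"; do
        if gpg --list-keys -- "$addr" >/dev/null 2>&1; then
            echo "already in keyring: $addr"
        else
            gpg --search-keys -- "$addr"
        fi
        gpg --fingerprint -- "$addr" 2>/dev/null
    done
}

# import_from_addressbook: the whole procedure, using the post's database.
import_from_addressbook() {
    db="$HOME/Library/Application Support/AddressBook/AddressBook-v22.abcddb"
    # Word splitting is safe here: clean_addresses emits one token per line.
    set -- $(sqlite3 "$db" 'select ZADDRESS from ZABCDEMAILADDRESS' | clean_addresses)
    fetch_missing_keys "$@"
}
```

Run import_from_addressbook in a Terminal window. Key servers do not check who uploads a key for a given address, so compare each printed fingerprint with the key's owner over another channel before trusting it.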

Happy encrypting!