Send me encrypted mail!

| No Comments

I’ve obviously been asleep for a while. I didn’t notice the Communications Data Billand the resulting fallout.

Anyway, it’s now been brought to my attention. I’ve no interest in helping the government to read all my email. I’m therefore starting a new policy of encrypting as much outgoing mail as I can, and encouraging senders to encrypt mail to me. The objective is to annoy GCHQ and other trawlers.

I’ve therefore created a new OpenPGP key, whose fingerprint is

57E9 10A7 BE4B 9349 EDB3  A281 31CD 2A1F A96A 23BE

I recommend that you start using it right away — it can’t be worse than sending cleartext. I don’t propose to keep this key particularly safe. It doesn’t have a passphrase. The idea is that it’s nontrivial for GCHQ (or anyone else) to break into my computers in order to read my mail; if they have to do it for everyone, the whole idea will fail.

In the interests of plausible deniability, I also recommend that you not sign messages you send. OpenPGP does sign-then-encrypt, which means that, were I compromised, I could later prove that you sent particular messages. My own catcrypt(1) program (part of the Catacomb distribution) provides sender-authenticity while preserving plausible deniability (and uses stronger crypto), but the key management for catcrypt(1) is awful and there’s no good mailer support, so don’t do that yet.

That’s all for now.

Leave a comment

About this Entry

This page contains a single entry by Mark Wooding published on December 1, 2008 3:01 PM.

Safely writing files was the previous entry in this blog.

Multiple inheritance: not such a bad idea is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Pages

OpenID accepted here Learn more about OpenID
Powered by Movable Type 5.2.13