|
|
From TNPC issue #4.18...
PGP (Pretty Good Privacy): Part 2
by Dan Butler
September 6, 2001
Whether it's data on your hard drive or email you are sending,
your data is important. I recommended PGP in my last article. If
you haven't downloaded PGP yet I think you should download and
start using it immediately. If you missed the first part of the
PGP article you'll want to read it here:
http://www.TheNakedPC.com/t/418/tr.cgi?dan1
Why should you download and *use* PGP? To me the key to the whole
encryption puzzle is to use the software in your daily
activities. You'll remember your passphrases and learn the
techniques. One of reasons I recommend PGP is its flexibility.
You don't just use it on email, you encrypt your important
financial files, notes you really don't want others to read,
spreadsheets with important numbers in them, etc. Whatever you
want to encrypt you have an easy way to do it. And you only need
to remember one passphrase to get to any of your data.
Several questions came up frequently after my last article. Here
are some of them with the answers.
Q: Does the recipient of your encrypted email need PGP to read
it?
A: Yes. You won't be able to encrypt an email to someone without
their public key. If you have that you can be sure they already
have PGP installed. A way around this is to create a Self
Decrypting Archive of the information you want to send. Simply
save the information to a file then locate it in Windows
Explorer. From the File menu choose PGP, Encrypt then click the
Self Decrypting Archive box. Attach the resulting file to an
email and let your recipient know the password over the phone.
Q: Is PGP really free?
A: Yes, for personal use. If you want to use it for business
purposes you need to buy a copy. Buy it at Amazon:
http://www.TheNakedPC.com/t/418/tr.cgi?dan2
Q: What happens if I forget my passphrase?
A: If you forget your passphrase or lose your private key you
will not be able to access your encrypted data. I'm serious.
There is no way for you or anyone else to get into the encrypted
files without both your passphrase and your private key. So make
good backups of both. I keep a floppy with my private key in my
safe deposit box.
Q: Aren't certificates easier to use?
A: I'm not sure if they are easier to use or not. A certificate
functions much like a key. You get them from VeriSign (among
others) and they have time limits. At various times you can get a
certificate free for one year. While this sounds good what are
you going to do when the year runs out? With an expired
certificate you can't access your certificate-encrypted data
anymore. Certificates only work seamlessly with a few mail
programs (Outlook, Outlook Express, and Netscape for instance).
Since both you and your recipient need to have mail programs that
support certificates, this drastically cuts into their
usefulness. Certificates don't offer you an easy way to secure
other data on your system either. PGP gives you an easy way to
encrypt any data you have.
Q: How do I send my public key to someone else?
A: Open PGPkeys, right click on the key you want to send, choose
Copy. Go to your email program and paste the data in a message.
Now send the key to anyone you want. They then copy what you sent
and paste it into PGPkeys.
Q: Is GnuPG the same as PGP?
A: No. GnuPG, the Gnu Privacy Guard, is an OpenSource encryption
technology designed to be compatible with PGP. It came about when
NAI, the outfit that markets PGP, stopped releasing the full
source code for PGP. That combined with Phil Zimmerman, PGP's
author, leaving NAI have some people worried that there could be
a "back door" programmed into PGP for law enforcement purposes.
Phil Zimmerman says that as of version 7.0.3 there are no back
doors. That is the final version he watched over before leaving.
GnuPG still has full source code published, however, it is still
command line operated. That should change in the future. If you
aren't into hacking around on code I would leave GnuPG alone for
now and stick with PGP. Find more info on GnuPG here:
http://www.TheNakedPC.com/t/418/tr.cgi?dan3
Q: What does an encrypted file look like?
A: You can see a PGP encrypted version of this article here:
http://www.TheNakedPC.com/t/418/tr.cgi?dan4
There were more but these get to the heart of the issue. If you
use encryption, use something that works for all your
applications and not just a few. By using your encryption program
regularly you'll be familiar with the procedure and less likely
to forget something important--like your passphrase!
You can reach Dan Butler at:
mailto:danbutler@TheNakedPC.com
Copyright © 2001, PRIME Consulting Group, Inc. and Dan Butler.
All Rights Reserved.
The Naked PC is a trademark of PRIME Consulting Group, Inc.
ISSN: 1522-4422
You may reprint an article from TNPC as long as you show the
entire article and include the authors byline, excerpt and
subscription information as shown:
article_title
by author_name
(This article originally appeared in The Naked PC
newsletter; subscribe at http://www.TheNakedPC.com)
|
Return to Top
TNPC Hot Tips:
-
Email out of control? Spam filling your inbox? People trying to steal your identity? Same here - until I applied these tips. You can too in a new multimedia e-book. Tame Your Email.
-
DO YOU MAKE THESE MONEY MISTAKES?
Do you know that trying to pay off your high interest rate debts first
and/or paying extra on more than one debt is the SLOWEST way
to get out of debt? Don't make these same mistakes. Learn more at
by clicking here...
|
|
 |
In The Current Issue
|
 |
 |
|
Read #4.18 here!
Featured Articles
Retrospect: Is This a Better Backup?
PGP (Pretty Good Privacy): Part 2
Applications: Here to There Part 2
Norton Utilities 2001 Part 5
Featured Book
Dreamweaver 4: The Missing Manual
by David Sawyer McFarland
If you currently use Dreamweaver, or want to, this books makes a great introduction. Little tips abound that will save you frustration, such as how to get the results you want when rearranging a list. Major topics like tables, Style Sheets, and Templates have nice tutorials at the end of each chapter.
Featured Product
DiscSavers
Traditional jewel case wastes space, scratch, crack, hinges break, and as your collection grows, the cases take up twice as much room as the actual CDs. DiscSavers are square cases with
rounded corners made out of flexible, translucent plastic just wide and tall enough to fit a CD and add only about a CD's worth of thickness. The resulting package is half the thickness of a conventional jewel case and a half-inch narrower; an ounce or more lighter, too.
Featured Drawing
TNPC Back to School Blues
You have until Tuesday, September 11 at midnight to enter this drawing. On September 12th we'll pick two names at random and give away two free Photon Micro-Lights to the lucky winners. Just click here, answer our survey question and enter your email address in the drawing.
|
|
 |
 |
 |
 |
|