Posts filed under 'Web'
Even though I don’t email top-secret information on a daily basis (OK, actually never), I would like the option to make my email secure. It makes me feel better to know only those whom I intend to read it can do so. Pretty Good Privacy (PGP) is an email encryption computer program that didn’t sound promising, but after some research I found that it suffers from a humility complex — PGP is actually very strong, solid encryption. PGP allows you to encrypt your email communications so you can be sure the messages are only read by the person you intended.
I have been a fan of Thunderbird (read my review) for quite some time, and recently came across an extension called Enigmail which promised to give me the PGP security capabilities I was looking for. The Enigmail extension provides the security in a simple and straightforward way and nicely integrates into Thunderbird. The encryption is handled by the GNU Privacy Guard (GnuPG), a free version of PGP.
Here is a simple example of how PGP works. Dave wants to send Jesse an email. Both Dave and Jesse have Thunderbird and Enigmail installed. Both use Enigmail to generate a key pair. Dave gets a private key and a public key, and Jesse also gets his own public and private key. The public keys are public; Dave and Jesse share those with each other. The private keys are private, they should never be shared. The two keys work together to encrypt and decrypt messages. If something was encrypted with the public key, it can only be decrypted by the corresponding private key.
OK, back to Dave and Jesse. When Dave sends Jesse an email, Dave encrypts the message using Jesse’s public key (Dave has access to Jesse’s public key because it is public). When Jesse receives the message, Enigmail will automatically decrypt the message using Jesse’s private key and Jesse will read the message. To anyone else viewing the message it would look something like this:
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.3rc2 (MingW32)
hQIOA6x3yUQjMAdqEAgAvyC+x6frLRnxE8u67BRQAFb2Jrj
NQdBoN2uFKH6x2DGJeggTSL2aGyABsFSr8eva4j4QWSnVfa
DC5P5EOwEQykSvK65TC9Mi5nX6DpEaClQAz/FDIyM+gr3r0
WYWE560YS4KSKz8CHPkIK3E3MruZVNTSn7CVQjHNbzJmgpJ
fgij2jFt59PgXpUgYxX5idkV0TitdR2O7Uv/VBSbRJCpWlK
hQDcX/k21Gcd89sqES6g6iP/pYXYghCo36pitjIhIwf7Bhk
Tv7rCDjQ8QR4+WFnYk9UVjL9KbWlqbn2awBejVQOqSH2j/f
QV4ry7qPVDODGlY0plIy28nUv7WaNt18E+9mS1e+AcGc/5V
WswmxMwM65qV7/1MiqaJ9fc8NdzUsA3peAfiv56dJuJJQRp
W/PD5WKWf9dDUmwRX6Qql36MMQCguwcBfhZZ1rVFQuZYARh
aiMjOS1+Xhrk8FQZnRYu+rmEpT6sXdkpAdvKelE1y/v5lDs
PdLACAEOW7aQoaxAm03WL4w/jGZAI5FB70VUG9kyEN+Xy2E
fUPF2LBTc/72pjvDrxb6O7lMXtpfgy49Lt+2clg2yqvefBt
jg/GmbdxGZMz1rWXDUuZsd9GdfKwxrmvQN8fSTc7FKcIC7h
1uYv7X8dpubuVdParSQKS4WX7d+7J/CNgUQkWytrMtcdWuH
pRgPtdSlxbIC1GQ7
=OCNT
-----END PGP MESSAGE-----
When Jesse wants to reply to Dave’s initial encrypted email. Jesse encrypts the entire message using Dave’s public key and sends it to Dave. When Dave gets the message, it is decrypted using Dave’s private key. Neither person ever touches the other’s private key — it remains private. Dave and Jesse have now exchanged emails securely using PGP.
PGP is strong stuff. Famous cryptographer Bruce Schneier said PGP is “the closest you’re likely to get to military-grade encryption” (Applied Cryptography, p. 587). The reason it is so strong lies deep in PGPs cryptographic and mathematical roots, which we won’t delve into here. Just know that it’s not going to be cracked. Experts doubt any groups, even large government agencies, are capable of decrypting PGP messages. It’s good encryption.
Another great tool I found for PGP encryption and message signing is WinPT (Windows Privacy Tray). It’s a free, open source program that manages your PGP keyring (your public and private keys) and the public keys of others. One of the cool things about WinPT is that it’s a standalone application that you can use to encrypt or sign messages in a regular text document. So, for example, if you’re at work and don’t have access to your Thunderbird application, but you do have webmail access, you can still send encrypted and signed messages from your webmail client. You can also decrypt messages sent to you. All you need to do is copy and paste the plain text into the WPTray clipboard and select the Encrypt, Decrypt, or Sign options. WPTray will do the dirty work, and you simply copy and paste the results into the message body and send the email.
You can check out my public key page to import my public key into your PGP key manager so you can send me an encrypted email. Please don’t send anything which may compromise national security, but if you want to keep Mom’s famous apple pie recipe safe, PGP is great encryption, and using Thunderbird and Enigmail together make it easy and available to the masses.
May 3rd, 2006
I have been using Firefox for about a year now, and now that 1.5 has been released, switching to an alternate browser for most of your web experience is definitely the way to go. At first, alternative browsers were well behind IE after it leapfrogged and then dominated Netscape. Because Internet Explorer (IE) dominated the browser market in recent years, some sites (although rare) are coded specifically for IE and might not look perfect in Firefox. I do keep a shortcut of IE handy for some IE-proprietary corporate software, but for all of my web-browsing, I use Firefox exclusively. Here are a few reasons why you should switch to Firefox.
- Separation
One scary thing about IE is how tightly integrated it is to the operating system (OS). To find out how tightly IE is woven into Windows, try uninstalling it — good luck! Web-based exploits therefore, can theoretically impact the OS, which is scary stuff. Firefox is totally separated from your OS, and doesn’t have the frightening capability of ruining your whole computer just because you visit a website with malicious intent. Firefox isn’t totally immune to bugs or exploits, but the good new is that any existing exploits aren’t going to mess up the operating system. Firefox is a much safer browser than Internet Explorer.
- Extension
Another great feature of Firefox is the ability to extend it in any way. Extensions are small add-on programs that you can use to customize your browsing experience. If you’re a weatherbug, add ForecastFox extension. If you’re a business traveler with clients in many time zones, try FoxClocks. If you’re a newshound, try Sage — an RSS reader. Flickr and del.icio.us plugins are also available if you use those services. Extensions for word of the day, random sites, and countless other diversions are easily added to your browser.
- Innovation
Tabbed browsing is another reason I love Firefox. This isn’t a totally unique feature, as many other browsers also use tabs — rumors are the next version of IE will have tabs. Tabs are integrated nicely in Firefox and while I thought at first that it wasn’t a newsworthy feature, now I can’t live without my tabs. The 1.5 release of Firefox allows you to reorder those tabs by clicking and dragging to reorder them, which makes for easy grouping of related pages. Tabs are one of those surprisingly simple ideas that will totally change the way you surf.
- Benefaction
The folks at the Mozilla project have been generous enough to give the browser away, no strings attached. Firefox is totally free of charge. It won’t cost you one red cent to switch to Firefox. You really don’t have anything to lose — you can always easily uninstall it (see Separation above).
- Intuition
It’s easy. My grandmother could install Firefox and get it running. As part of the normal install, it will offer to include all of your bookmarks and settings from Internet Explorer. After installation, Firefox is as easy to use and any other browser; in fact, it may be easier to use because the development team has given special attention to the whole user experience and made Firefox as user-friendly as possible.
Get Firefox, use it for a while, add some extensions, and thank me later. You’ll love it.
December 15th, 2005
A savvy email user knows how to write an email and write it well, knows how to squeeze every last drop of energy out of those electrons to make the email as effective as possible. Here are a few tips that can make you email savvy:
- Keep it short
Long, rambling emails are rarely read thoroughly; most people skim or totally skip over them. If you want someone to read your email, make it short. If you want someone to read the email and do something, make it even shorter. Proofread your emails and edit liberally; take out any verbose verbiage — emails should be fluff-less.
- Mind your tone
Emails don’t have context. Don’t be sarcastic or try to use any type of tone because it will inevitably be read differently than the way you wrote it.
- Reply with original text
Most email applications automatically do this, but I have received several replies where the sender has not included my original email. This is especially frustrating if I can’t remember what my original request was and the reply is along the lines of, “OK, let’s do it.”
- Use only one space
Spaces are like exclamation points — you only need one to make it work. Using more than one is unnecessary; it simply takes up more space and makes it harder to read.
- Choose descriptive subject
Don’t get too clever with your email subject line. Use a good subject that summarizes the body of the email. Having a well-written subject line is extremely beneficial when digging through old email archives.
- Keep it topical
If your email contains more than one major topic, break it up and send as many emails as there are topics. It doesn’t take much additional effort and makes it much easier keep it short and choose a descriptive subject.
- Respond promptly
This can be taken to an extreme, but just don’t let your emails sit around and get stale. Promptly may mean different things for different emails. Prioritize what you need to reply to and take care of them. Don’t let unread messages accumulate in your inbox.
Learning and practicing these simple principles will make your email life much easier, and your savvy email readers will appreciate it too.
December 4th, 2005
The blind carbon copy is the least used feature of one of today’s most popular communication methods: sending email.
Every email client (local or web-based) I’ve ever used supports the blind carbon copy. It’s just as easy to use as the To and CC (carbon copy) fields; the only real barrier is that most email users don’t know what BCC stands for, let alone what it does or how to use it. That it may be unappreciated, forgotten, and unused no more, I offer a brief description and a few examples.
Suppose you have been tasked with emailing a simple newsletter announcing the next family reunion. The uninformed may choose to put everyone’s address in the To field and send the email. However, a better approach would be to put the addresses in the BCC field. That way, crazy cousin Chris can’t harvest all of the email addresses to use for her annoying “Forward this email to 100 people and you’ll get a million dollars from Bill Gates” emails.
Another worthwhile use of blind carbon copy is to follow up on an unfinished task at work. For example, let’s say a programmer has promised to deliver a custom application, but the deadline passes with no results. You could send a “Where is my application?” email to the programmer and CC the software development manager, but this will make the programmer feel singled out and may weaken your relationship. A better option would be to BCC the software development manager so he can either add additional pressure to the offending programmer or assign additional resources to get the project done. BCC is a great way to keep someone in the loop surreptitiously.
What would I do without the BCC field? I would expose email addresses to people who shouldn’t have them. I would be forced to put everyone on the To or CC lines when some may not need to know who else received the email. I wouldn’t be able to send a copy anonymously to a co-worker when replying to a ridiculous request from my boss. I would reveal email addresses to those who didn’t need to know the other recipients and risk increasing everyone’s spam traffic.
The appropriate use of the BCC field separates the savvy email user from the uninformed. Educate your friends and family about it. Don’t ever send out another mailing list without using the BCC field. Use blind carbon copy appropriately and it will help more efficiently and securely use your email.
November 9th, 2005
Here is a geeky tech thing that I’m pretty excited about: RSS. You probably don’t know what it is, but you may have used it without even knowing it.
RSS is a feed of XML data. This smjsolutions.com site has a feed of the most recent posts. You can click on the RSS link at the bottom right hand side of the page to see the actual feed data (Warning: it’s not pretty in its raw format). Lots of other sites offer RSS feeds (news sites in particular). Most sites will have an orange rectangular RSS button somewhere on the page if it is available.
Probably the best example of a good use of RSS is My Yahoo!. If you have a Yahoo! ID, you’re missing out if this is not your home page. You can subscribe to any RSS feed and have it displayed on your My Yahoo! page. Every time your My Yahoo! page is loaded, it will check the RSS feed for any updates, making sure you have the latest and greatest information that you care about.
Here is a list of some great feeds I subscribe to:
What are some of your favorite feeds?
December 8th, 2004
Next Posts
Previous Posts