Encrypting mail in Thunderbird
After creating the key pair, the next step is to configure Enigmail. To do so, first launch Thunderbird. Experienced Thunderbird users will notice a new menu item, OpenPGP, which lets you access the Enigmail add-on functionality (see Figure 1).
If you used your distribution's tools to set up the components, you do not need to configure anything now. The OpenPGP | Preferences… box looks fairly spartan (see Figure 2). If you have multiple installations or Enigmail fails to find the installation, just set the right path to GnuPG here.
Also, you need to say how Enigmail should store your passphrase. For security reasons, it makes sense not to save the passphrase permanently.
The default value of five minutes is a useful compromise between convenience and security and keeps Enigmail from asking you for the passphrase for each mail.
Clicking on Display Expert Settings takes you to the advanced configuration, which gives you some interesting – and perhaps some unnecessary – options. In the Sending tab, you can enable Add my own key to the recipients list so you can decrypt messages that you send later. In the Advanced tab, you might also want to enable the Encrypt replies to encrypted messages to avoid forgetting to encrypt a confidential exchange. Also, you should enable '--' is a signal separator and Use '<' and '>' to specify email addresses. When you are done, you can close the settings dialog.
Finally, you need to enable OpenPGP support for the account (Figure 3). To do so, click Edit (or Tools) | Accounts…, select OpenPGP security for your account, and choose Enable OpenPGP support for this identity. Also, you will need to enable the option Sign encrypted messages by default.
This completes the configuration. Don't be surprised when you open OpenPGP again; some menu items are added after enabling the expert settings.
Buy this article as PDF
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.