I recently reviewed Edward Snowden’s instructions for setting up and using PGP/encrypted email available on Vimeo: GPG for Journalists – Windows edition | Encryption for Journalists | Anonymous 2013.
It’s a good tutorial. One of the points it makes about keeping your communications secure is a very important one: Don’t compose your message (pre-encryption) in an internet-enabled window.
Gmail & Apple mail (for example) by default enable a ‘feature’ where the programme saves a draft of your message as you’re composing it. They save it to their servers.* Spotted the problem? Anything on their servers is (a) interceptable , (b) subject to search warrant/subpoena. That’s why you’re using encryption.
So, as Snowden so clearly advises, compose your message – the one you’re going to encrypt once you’ve written it – offline, in a text editor …
screen grab from Edward Snowden’s guide to encryption for journalists. (click to enlarge)
… otherwise, well, you get the picture?
* In Apple Mail you can turn that behaviour off – make sure this box Mail> Preferences >Accounts is unticked:
Just to be safe. (-ish.)
– P
PS My own PGP credentials are available on the About page. (At the bottom.)
