Facebook Encrypted Notification Emails

Encrypt your Facebook Notification Emails with PGP

It’s well-known that email isn’t really that secure, with a large percentage of mail servers communicating without TLS, mail clients not being set up to use secure connections, and more commonly easily guessed user passwords.

Using PGP to encrypt messages helps to retain the privacy that age-old email systems don’t give you, keeping your message contents secured between you and the recipient (and back again).

While this is great, a lot of email come from systems and not people – and the contents of the messages can be equally as confidential. Thankfully, Facebook have, as of June 2015, added experimental support for users to add their OpenPGP public keys to their profiles and opt for all mails from Facebook to be encrypted.

Securing your Facebook Mails

Sound good right? Here’s a quick two-step guide how to encrypt your Facebook Notification Emails with PGP! Continue reading

GitHub add support for GPG Signature Verification

It’s official, GitHub has announced (as of April 5th 2016) that they will now be supporting GPG-signed commit verification!

GitHub GPG Verified Commit Signature

A series of gpg-signed commits, showing the signature verification on GitHub

GitHub now shows signed git commits and tags with a green “Verified” button, not only indicating that the commit or tag is signed, but validating the GPG signature against the keys that are known to that user (set in your GitHub account settings)

The signature verification is also visible within Pull Requests, which is a great feature for large open-source projects to verify that code from trusted project members is really from the right people.

Why Signed Commits Are Important

Continue reading

Setting up PGP on Mac OS X

Just last week I wrote a post explaining How to set up PGP on Windows, but seeing as though I now use a Mac for most of my day-to-day work, here’s an alternative guide to help you to set up PGP on Mac OS X so that you can use OpenPGP encryption and signing, manage your keys, and more from the comfort of your Mac!

PGP on Mac – Installing GPG Tools

Check out the GPGTools website and download the latest version of the GPG Suite. Once it’s downloaded, mount the disk image (just double-click it in your downloads folder) – you should see something like the following:

GPG Suite Disk

Contents of the GPG Suite Disk Image (.dmg)

Continue reading

Setting up PGP on Windows with Thunderbird

Here’s a short (well, kinda short) rough guide on getting setup with PGP on Windows with Thunderbird! We will be using Gpg4win to provide the GnuPG tools and essentials for easily using PGP, and Enigmail to add support to Thunderbird for OpenPGP signing and encryption.

Got a Mac? Check out my guide to Setting up PGP on Mac OS X!

PGP on Windows – Installing Gpg4win

Head over to Gpg4win and download the latest version (v2.2.1 or newer) and once it’s downloaded run the installer. You will be presented with a set of options somewhat like the following:

Gpg4win Setup: Choose Components

Gpg4win Setup: Choose Components

Continue reading