Posted on Feb 9, 2016
What are your thoughts on encrypted e-mail services? Are you familiar with any of them?
3K
22
9
2
2
0
Information Technology
Internet
Cybersecurity
Email
Cyber
Edited 7 y ago
Posted 9 y ago
Responses: 4
1
1
0
The only encryption I'm familiar with as a user was what we used in the military, the CAC, the SIPR token and the identity files on JWICS. I'd like to learn more about the options available in the civilian world. Good topic!
There's a reason people use envelopes, not just postcards, right?
There's a reason people use envelopes, not just postcards, right?
(1)
(0)
SGT (Join to see)
True. Even NIPR e-mails have encryption options with public/private key. The only civilian-side options I know of are in the survey.
(2)
(0)
TSgt Nicholas McLarty
What about PGP or software certificate based S/MIME? Let's you use any email provider you want. It just takes some extra work on the front end -- PGP requires you to obtain the recipient's public key from a directory or through personal exchange, and S/MIME requires unencrypted key exchange before going secure.
(1)
(0)
Maj (Join to see)
Encrypted email is good but a bit of a pain to set up without a PKI. You and the recipient must be using the same encrypted email service or you have to figure out someway of sharing your public PGP/GPG keys before hand.
Then you run into the issue of key storage. End to end encryption apps like whatsapp keep a copy of your private key on a server somewhere so they can transfer your messages to a new phone for you. Encrypted email companies do the same thing otherwise you wouldn't be able to access your email on multiple computers.
Then you run into the issue of key storage. End to end encryption apps like whatsapp keep a copy of your private key on a server somewhere so they can transfer your messages to a new phone for you. Encrypted email companies do the same thing otherwise you wouldn't be able to access your email on multiple computers.
(0)
(0)
0
0
0
0
0
0
Protonmail definitely easy to use and it's swiss... A cold day in hell before your email is going to be cracked by any legal means CONUS .. however it's pgp and also trivial to setup. However for nontechnical people seamless & transparent.
Soon may support pki also.
Gmail Cacert.org free trusted by even SOE, now Daybreak. Volenter staffed.
4096 bit keys, however if you become an assured you can get 1 year keys with some insurance? On them. However 6 months is quite fine actually probably better. However less convinate.
Can get a server/domain key setup local enterprise CA , make up to 10k pki keys if especially paranoid.
For secret/classified/top secret (Corporation , US-G if say sensitive or confidential, secret is pushing) and less it will sufice, esp small business data is plenty fine. Top Secret projects less a government contractor, the closing of the deal will make it secret or sensative in 6-12 months time.
and or g-apps ie michaellawrenceit.com , and outlook or thunderbird also works.
Google apps has a number or transparent apps and or need to know addons for onetime transparent encyption and download links. Good for some personal documents ie SSN card to hr.
However, zix or other Google apps , can make encyption forced, transparent to end users. Even high enough for Many US Government encyption compliant. Ie HIPPA.
Pgp as well via a few browser hacks ie chrome or Firefox, but thunderbird and pgp plugin's have been reliable for years.
However their not quite as mobility friendly.
K9 mail has many plug-ins... for android
Better html sig's etc so I hear. Last time gave it a go, however phoned Fs was filling up, flaking out, and had to reset it. Just haven't had chance for full test.
Soon may support pki also.
Gmail Cacert.org free trusted by even SOE, now Daybreak. Volenter staffed.
4096 bit keys, however if you become an assured you can get 1 year keys with some insurance? On them. However 6 months is quite fine actually probably better. However less convinate.
Can get a server/domain key setup local enterprise CA , make up to 10k pki keys if especially paranoid.
For secret/classified/top secret (Corporation , US-G if say sensitive or confidential, secret is pushing) and less it will sufice, esp small business data is plenty fine. Top Secret projects less a government contractor, the closing of the deal will make it secret or sensative in 6-12 months time.
and or g-apps ie michaellawrenceit.com , and outlook or thunderbird also works.
Google apps has a number or transparent apps and or need to know addons for onetime transparent encyption and download links. Good for some personal documents ie SSN card to hr.
However, zix or other Google apps , can make encyption forced, transparent to end users. Even high enough for Many US Government encyption compliant. Ie HIPPA.
Pgp as well via a few browser hacks ie chrome or Firefox, but thunderbird and pgp plugin's have been reliable for years.
However their not quite as mobility friendly.
K9 mail has many plug-ins... for android
Better html sig's etc so I hear. Last time gave it a go, however phoned Fs was filling up, flaking out, and had to reset it. Just haven't had chance for full test.
(0)
(0)
Read This Next
Continue with Facebook 
Continue with Google