I have had a couple friends talk to me recently about online anonymity, with the concern that their messages and information could be accessed without their knowledge or permission. It is for them and anyone who wishes to keep their information secure that I have written this encryption guide.
With the Patriot Act and unrestricted NSA spying, some (of the more paranoid) of us are concerned that our regular law-abiding free speech may get us into trouble (see the Electronic Frontier Foundation's website https://www.eff.org/nsa-spying). What happens when overzealous authorities mistake me for a criminal and I am arrested? Well, I wouldn't ask that question because I am still waiting for the DA to throw out my case.
The question remains, what can we do to protect the privacy of our conversations online? The answer is encryption. Cryptography (https://en.wikipedia.org/wiki/Cryptography) has been around for thousands of years but has long been considered to be a tool only of spies and criminal masterminds. Now it is available for you to protect yourself against those who would steal your identity or exploit or persecute you.
In this blog post I have put together a guide for encrypting your messages on Mac OS X. I prefer Mac, but for maximum security you should use Linux. PC is the least secure. I will post a PC guide soon anyway.
MAC OS:
Step 1) First you need the encryption software. For this I use GPGTools: https://gpgtools.org/. Scroll down and download the latest stable version.
Step 2) Once you have installed the program, open it.
Step 3) Create your encryption key pair: This is pretty straightforward. Click "new" and enter the name and email you want to associate with your encryption key. These do not have to be real. Note: when you create a key, you need a passphrase for that key. Don't lose it! If you forget this passphrase, too bad. No excuses, no recovery. You should probably write it down somewhere. If you save it in plain text on your computer or encrypt it with your new key you are missing the point. Longer passwords are generally better.
Step 4) Change your System Preferences: Go to your System Preferences -> Keyboard -> Keyboard Shortcuts -> Services (left box) and then go to Text in the right box. Scroll down and check all the OpenPGP options. If you can handle this, the hard part is literally over. Read on.
Step 5) Import key: Find the public key of the person to whom you want to send an encrypted message. They can email it to you or whatever. Open TextEdit and then copy/paste their public key into the text document. Highlight their pubkey including all the "-----BEGIN PGP PUBLIC KEY BLOCK-----" at the beginning and the "-----END PGP PUBLIC KEY BLOCK-----" at the end. Right-click the highlighted key, and go down on your pop-up menu to Services. When that pops open, you'll see the GPG options you enabled in Step 4! Click OpenPGP: Import Key. Now your GPGTools program will save their key so you can encrypt messages for them to read!
Step 6) Open TextEdit again and type your message. Highlight your message, right-click it, and go down on your pop-up menu to Services. When that pops open, click OpenPGP: Encrypt and select the key that corresponds to the person to whom you are sending the message. Your text will turn into gibberish! Copy and paste this gibberish (again, include all the "-----BEGIN PGP MESSAGE...END...-----" stuff) into an email or other conversation box (Facebook? Twitter?) and send your encrypted message away with confidence and security!
Step 7) Decrypting — To decrypt a message from someone, just copy/paste it into a TextEdit document, highlight it and right-click, go to Services, and click OpenPGP: Decrypt. Now the message is in clear text. Note: this will only work if they encrypted the message using your public key. You have to send them (or publicly post) your pubkey so they can encrypt messages for you because only your 'secret key' can decrypt those messages.
Step 7b) How do you know your own public key? — Go to GPG Keychain Access and select the key you made for yourself. Export it, and do not include your secret/private key. That will spit out an .asc file, which is just plain text; open it in TextEdit to see your public key.
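The copy/paste rules in Steps 5, 6 and 7b can be checked before you import, send or post anything. The Python script below is an added example, not part of the original guide or of GPGTools: it confirms that a pasted block has matching BEGIN/END lines, verifies the armor's CRC-24 checksum, and refuses text that contains a private key block. The names `check_armor` and `make_sample` are hypothetical, and the sample block is constructed filler, not a real key.

```python
import base64
import re

# Matches one armored block whose BEGIN and END lines name the same block type.
ARMOR_RE = re.compile(r"-----BEGIN PGP ([A-Z ]+)-----\n(.*?)\n-----END PGP \1-----", re.S)
PRIVATE_MARK = "-----BEGIN PGP PRIVATE KEY BLOCK-----"

def crc24(data: bytes) -> int:
    """CRC-24 used by OpenPGP ASCII armor (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def make_sample(kind: str, payload: bytes) -> str:
    """Build a constructed armored block; the payload is filler, not a real key."""
    b64 = base64.b64encode(payload).decode()
    body = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    check = "=" + base64.b64encode(crc24(payload).to_bytes(3, "big")).decode()
    return "\n".join([f"-----BEGIN PGP {kind}-----", "", *body, check, f"-----END PGP {kind}-----"])

def check_armor(text: str) -> str:
    """Return a short verdict for text you are about to import, send or post."""
    text = text.replace("\r\n", "\n")
    if PRIVATE_MARK in text:  # anywhere in the text, even next to a public block
        return "PRIVATE KEY: never send or post this"
    match = ARMOR_RE.search(text)
    if not match:
        return "incomplete: matching BEGIN/END lines not found"
    lines = [ln.strip() for ln in match.group(2).split("\n")]
    if "" not in lines:
        return "malformed: no blank line after the armor headers"
    body = [ln for ln in lines[lines.index("") + 1:] if ln]
    checksum = body.pop()[1:] if body and body[-1].startswith("=") else None
    try:
        payload = base64.b64decode("".join(body), validate=True)
        expected = base64.b64decode(checksum, validate=True) if checksum else None
    except ValueError:
        return "corrupt: body is not valid base64"
    if expected is not None and expected != crc24(payload).to_bytes(3, "big"):
        return "corrupt: CRC-24 mismatch (text was altered or only partly copied)"
    return "ok: " + match.group(1).lower()

if __name__ == "__main__":
    sample = make_sample("PUBLIC KEY BLOCK", bytes(range(200)))  # constructed input
    print(check_armor(sample))
```

This only checks that the armored text arrived intact; it does not prove the key belongs to the person you think it does.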
Thanks for reading. Please let me know if you have any questions or suggestions.
Feel free to email me at frank.soberanis@gmail.com. See my encryption posts and join the PGP club!