by Dave Kimble at www.peakoil.org.au
Our Government requires all ISPs to keep archived copies
of every email generated by their clients within the last 3 months.
Then if the courts give them the nod, on unspecified "security grounds",
they can access the archive and use your private correspondence against you in court.
Nice, eh ?
The way around it is straightforward and perfectly legal.
You can't hide the email address it is going to, but you can have everything else encrypted.
Encryption is built into the email engines for Outlook Express and Mozilla Thunderbird,
(or any email program working to S/MIME standards) and is based on Certificates .
Certificates contain a pair of keys - one to encrypt data and one to unencrypt data.
The first one, also called the Public Key, you send to people attached to an email,
so that they can use it to encrypt messages to send to you.
And you keep the Private Key on your computer so that you can unencrypt and read the messages.
The Public Key plus its identifying information are called a Digital ID.
You can get a free Certificate for a particular email address from a number of businesses,
one of them is at Instant SSL by Comodo.com.
If you are not clear about what is going on, read their explanation.
Click on the "Get it free now!" button and fill in the simple form.
They will send you an email inviting you to click a button to download and install the certificate into your browser's certificate store.
If you use Microsoft Internet Explorer as your web browser,
the certificate will work automatically for Microsoft Outlook and Outlook Express.
If you want to use it in Mozilla Thunderbird you will need to export it from IE to a file:
IE7 > Tools > Internet Options > Content > Certificates > highlight the entry and Export >
Then you need to import it from the file into Thunderbird:
Thunderbird > Tools > Options > Advanced > Certificates > Import >
Similarly if you use Mozilla Firefox as your web browser, you will have to export it and import it into Thunderbird.
For security purposes you should back up your certificates by exporting them as above.
It is probably a good idea to create a special folder (for example My Documents/My certificates) to keep them in.
That completes the Certificate installation process.
Distributing your Digital ID
To send your Digital ID to someone, so that they can send encrypted emails to you :
Outlook Express 6 > Create Mail > Tools > Digitally Sign = checked
a red rosette icon will appear in the message header area.
For Mozilla Thunderbird > Write > Options > Security > Digitally Sign This Message = checked
When the email is received, the digital ID will be stored with your email address,
so that when they are composing an email to your email address,
they will have the option to set Tools > Encrypt = checked >
and if they do, then the email is encrypted with your Public Key and sent to you.
When you receive that email , your mail application keeps
the email in encrypted form on your computer's hard drive,
but the email is displayed in unencrypted form on your screen.
Obviously if you want a two-way encrypted email conversation,
both people have to have their own certificates
and to have sent it to the other by digitally signing an email first.
Once that is done, you can send as many emails to each other as you like.