Slashdot Mirror

← Back to Stories (view on slashdot.org)

Encrypt and Sign Gmail messages with FireGPG

Posted by ryuzaki0 on from the can-you-spot-the-secret-message-in-this-dept-line dept.

Linux.com (Same owners as Slashdot) has a story up about FireGPG and says "Gmail may be an excellent Web-based email application, but there is no easy way to use it with privacy tools like GnuPG. The FireGPG extension for Firefox is designed to solve this problem. It integrates nicely into Gmail's interface and allows you...
Encrypt and sign Gmail messages with FireGPG

5 of 206 comments (clear)

  1. And for the chat by DrYak · · Score: 4, Informative
    And if want PGP encryption for chat (Gmail's associated GTalk or any other protocol like MSN, etc.) there is Pidgin (formely Gaim) with plugins :


    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  2. Re:Nerds with something to hide by joe_cot · · Score: 5, Informative

    I don't actually use it for encryption; I use it for verification.

    Besides encryption, GPG also allows you to sign messages, ensuring that the message is indeed from you, and hasn't been modified after you've signed it. In the Ubuntu Community, this is important for a) verifying messages from developers are real, b) verifying that uploaded packages were created by trusted developers, c) verifying signatures (such as signing the code of conduct).

    While FireGPG is useful, it's not so useful for signing messages; gmail auto-wordwraps messages after you send them, and FireGPG doesn't take that into account. Therefore, unless you wordwrap it yourself, gmail's going to add line breaks, and your signature will be invalid. When I need to sign messages, I either word wrap myself so that gmail doesn't, or send it through Thunderbird using Enigmail.

  3. Re:Nerds with something to hide by SCHecklerX · · Score: 5, Informative

    You are forgetting about authentication. Email is trivial to spoof. If you *always* sign your messages, then when some asshat, say, decides to send an explicitly detailed nastygram to your boss from 'you', it is easy to prove otherwise...

    Or maybe from your secret lover, etc. You get the picture.

  4. Re:Or you can use an actual mail client by Enoxice · · Score: 4, Informative

    Psh, Lynx. Get with the times, man, everyone is using links2 (perhaps links2 -g if they want to be on the bleeding edge).

    --
    Anyone else think the comments just weren't rendering right before they turned off ABP and saw ads?
  5. Works with any textarea, by the way by croddy · · Score: 5, Informative
    This works with any textarea, by the way, not just GMail. Not sure why the summary doesn't mention that.

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    This works with any textarea, by the way, not just GMail. Not sure why the summary doesn't mention that.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.6 (GNU/Linux)
    Comment: http://firegpg.tuxfamily.org/

    iD8DBQFGZDU/WCKEX KsCq6IRAvAtAJ96BAdus/rVCXS+NxlEbMsDdNxTCgCfe+da
    T yi/KWbgNLQUq/qssCj2YR4=
    =Y2mA
    -----END PGP SIGNATURE-----