If you’re worried about someone reading your e-mail, here are some basic steps to get around the problem. You should do all of these things. They’re not that hard and are a completely reasonable response to any fears or concerns about your online privacy. What would it truly take? What do you have to do to keep the government out of your e-mail?
This is what it takes to keep them out.
Encryption is the cornerstone of everything you do. If you use something like AES 1056 bit encryption with a very complex pass phrase and do it correctly, the odds are that your stuff won’t get broken into until the human race is busy doing other things like colonizing extra-solar planets. Or we’ll simply all be long-dead, and no one will care who you mailed anyway.
- Use Pretty Good Privacy (PGP) or some other encryption method of the content itself to encrypt individual e-mails. Each e-mail sent should be encrypted for it’s content.
- Automatically and permanently reject any unencrypted e-mail from anyone or any service. They will eventually understand when you never reply. You will likely never get another e-mail from a site like Facebook, ever again. This is alright, since this is like quitting smoking or heroin. You can’t “kind of” quit.
- ONLY connect to your mail servers via SSL–no exceptions, ever. Basically, if it’s web based, and you don’t see https:// instead of http://, you don’t get mail. Ever. For starters.
- Routinely re-encrypt your entire remote mail store with the highest end encryption available. Don’t store your encryption keys with the mail store; keep them on your person at all times on a USB key. Make sure that the USB ports on your self-built operating systems are locked down unless you activate them by hand with a pass phrase that changes daily. I’ll cover this completely reasonable precaution in the next section.
- Don’t save ANY mail logs. If you do, encrypt them just as tightly.
If your hardware security can't stop this guy, you fail.
You know that nice Dell system sitting on your desk? That you carefully “hand crafted” on their web site? It’s your enemy. Dump it in the harbor. You should also immediately smash your iPhone off of the wall until it is in dozens of pieces, for your own safety and peace of mind.
- Don’t buy a Dell machine, or an HP, or one from Best Buy, for this project. Buy every piece individually, in person, with cash, and build it yourself. How do you know there isn’t a hardware backdoor or security risk?
- Build your own mail server the same way.
- Build your own mobile phone the same way.
- Store NOTHING on the local machine, be it your iPhone, your laptop, or your desktop. If you use Outlook or Thunderbird, for example, stop. Uninstall them. And throw your hard drive in the ocean to make sure no one can get at what was there before. If you use a browser for mail–like Gmail or Yahoo–stop. Uninstall your browser. Then throw your hard drive in the ocean again.
- Make sure you maintain tight physical access control over all hardware. All external ports like USB or CD bays should be sealed and secured physically with locks that only you have a key for. Also, require an encrypted USB key to even activate those devices. The USB ports of course are disabled, so to enable the USB ports you should enter at least a 32-bit mixed case password like 6[6GcYE!&f&}J4!Lbb/ot/,;e5<
Passwords:
You thought I was going to skip this section, didn't you?- Passwords like $$5fHy^asd2_!!13233heN111erY should be random and should be forced to reset daily to other easy passwords like MZds*a/-b8;J8y+\V%(b1=7o)5DatBc*.
- Any password not as convenient as omX=oPsY~pGeg*:thh?dH%,d]~|Ygp[r is working against you.
Software:
Secret anagram for "Central Intelligence Agency".
Isn’t it nice how Google provides you e-mail? Or how easy Outlook Express and Thunderbird are to use? Yeah, it sure is swell and convenient. By the way, do you know every possible function or capability of those systems? Did you know that every time you use Gmail or Thunderbird, it reports EVERYTHING you’ve done to the National Security Agency? No, I’m kidding. They don’t do that. But you can’t prove that they don’t, can you?- Build your own operating system for your PC, laptop, or mobile phone that connects to your mail server and build your own mail client software so that you know there are no possible backdoors from the government on them. Build this on new hardware, not the computer you threw in the ocean.
- Build your own operating system for the mail server the same way. You’ll need to design all the associated applications and services that also are needed to run a server here, including a mail server system that is compliant with and able to communicate with others.
- Design your own iPhone style operating system. And you better do your own cellular radio network and towers, to play it safe. No, there’s no app for that.
Your social practices:- Next, only mail with people that use comparable basic levels of security.
- Finally, don’t mail anyone. It’s the only way to guarantee your mail doesn’t get out.
See? Totally reasonable, and that’s what it truly takes, but I may have missed something else that could be a security hole. The safest bet is to avoid anything that runs on electricity.
