M41LZ in Tails

securing e-mail

 

Copyright © 2015 Tom Marble

 

{     |     | }        

attrib

CHANGELOG

1.0.0

I'm going to learn...

SECURE E-MAIL?

attrib

agenda

Why secure mail?

attrib
attrib
attrib
attrib
attrib

" The stakes for getting copyright right have never been higher. There has never been a fight over entertainment-related technology where the consequences for everyone outside the entertainment industry were potentially more disastrous than they are now. "

attrib

"... Every day that goes by creates more people for whom the Internet is a key part of their lives. Meanwhile, the entertainment companies have told they world that unless they get to regulate the Internet, they will die.

It's us or the Internet, they say. The danger is if they keep this up, they'll be right. "

attrib
attrib

WHO U GONNA TRUST?

THE WEB OF TRUST!

attrib

OpenPGP

attrib
attrib

2 degrees of separation

An OpenGPG encrypted e-mail looks like...

The WoT beyond mail

OpenPGP e-mail:

version 1.2.3 due today Jan 14

attrib

Running Tails

attrib
attrib

 

 

 

 

 

 

 

 

 

 

 

anonymity is hard

attrib

Install Tails

  1. get 2 USB drives (4GB is fine)
  2. download tails-i386-1.2.2.iso & .sig
  3. [opt] gpg --verify tails-i386-1.2.2.iso.sig
  4. install Tails on first USB drive
  5. boot into Tails
  6. use Tails to install on the second USB drive -- this time with a persistent volume

tmarble → WoT → tails

 

 

 

 

 

 

 

 

 

 

 

Starting tails...

Boot into the (first) USB drive...

Install Tails on the second USB drive

Boot into the second USB drive...

Configure the Persistent/ volume

Reboot into Tails

 

to enable the Persistent/ volume

Now use the Tor browser to log into webmail

to verify that you can reach your e-mail server.

 

note: you may have login challenges

note: you may have to enable IMAP

warning: logging in will de-anonymize you

You got webmail working?

Great! Let's make an OpenPGP key...

 

 

 

GPG 1/9

 

 

 

 

 

 

 

 

 

 

 

GPG 2/9

 

 

 

 

 

 

GPG 3/9

 

 

 

 

 

 

GPG 4/9

 

 

 

 

 

 

GPG 5/9

 

 

 

 

 

 

GPG 6/9

 

 

 

 

 

 

GPG 7/9

 

 

 

 

 

 

GPG 8/9

 

 

 

 

 

 

GPG 9/9

 

remember

your

passphrase!

Yay! Now let's trade public keys...

↷ export mine, share with a friend

↶ acquire friend's key, import it

 

 

 

Export my key: tommarble.asc

Import their key: tmarble.asc

Configure Claws e-mail in Tails

Setup Claws e-mail preferences

Ooops I CAN HAZ A nasty BUG?

Must workaround this or else...

UR MAILZ CLEARTEXT READ THEM I CAN

attrib

Let's send secure mail!

note: you can accept the dialog about your friend's key not being trusted

SENT... yay!

 

 

 

Let's double check webmail...

wut?   ☺  

What does my friend see?

decrypts your mail and

encrypts a response...

You have new mail!

 

 

 

 

 

 

 

 

 

  I knew that!

Next steps...

Resources

In the future...

Secure e-mail will be easy

PLEASE!

attrib

Questions? Discussion...

 

 

 

attrib

Credits

 

 

 

attrib