• INTRODUCTION
• ABOUT THIS WORKBOOK
• INTRODUCTION TO THUNDERBIRD
• ENCRYPT AND SIGN YOUR EMAIL
• WHY ENCRYPT AND SIGN EMAIL
• CREATE YOUR PGP KEYS
• SEND AND RECEIVE PUBLIC KEYS
• SEND ENCRYPTED AND SIGNED EMAIL
• RECEIVE ENCRYPTED MAIL
• HELP I FORGOT MY PASSWORD
• INSTALLING ON WINDOWS
• INSTALLING THUNDERBIRD IN WINDOWS
• INSTALLING PGP IN WINDOWS
• INSTALLING ON UBUNTU
• INSTALLING THUNDERBIRD IN UBUNTU
• INSTALLING PGP IN UBUNTU
• INSTALLING ON OSX
• INSTALLING THUNDERBIRD IN OSX
• INSTALLING PGP IN OSX
• SET UP AN ACCOUNT
• ACCOUNT SET UP

Why Encrypt and Sign Email

Some background information about email and how you can install software to sign and encrypt it  [30-45 mins]

E-mail is one of the oldest forms of communication on the Internet. We often use it to communicate very personal or otherwise sensitive information. It is very important to understand why e-mail in its default configuration is not secure. In the following tasks we will describe the different methods necessary to secure your e-mail against known threats.

No sender verification: you cannot trust the 'from' address

Its easy to make it look like an email comes from someone other than the person who actually sent it.

Just like a real letter, its easy to write a made up return address. We will show you how to sign email, which means that people you email can be confident that the email comes from you.

E-mail communications can be tapped, just like telephones

An e-mail message travels across many Internet servers before it reaches its final recipient. Every one of these servers can look into the content of messages, including subject, text and attachments. Even if these servers are run by trusted infrastructure providers, they may have been compromised by hackers or by a rogue employee, or a government agency may seize  equipment and retrieve your personal communication.

There are two levels of security that protect against such e-mail interception. The first one is making sure the connection to your e-mail server is secured by an encryption mechanism. The second is by encrypting the message itself, to prevent anyone other than the recipient from understanding the content. This challenge covers E-mail encryption using PGP within Thunderbird.

Installing Thunderbird, Enigmail & PGP / GPG

Thunderbird is an email client which has many options and add ons which give you better email security. One of these add ons is a tool called Enigmail. Enigmail needs another bit of software called GPG (which is also known as PGP) to work. What Enigmail does when it is installed is to add a menu item called OpenPGP to your Thunderbird email client when you are checking or sending emails.

Before we can continue we need to make sure you have the right tools for the job. In some operating systems it is quite easy to install these tools so that they work well together. It should only take you 5 minutes if you are using Ubuntu. However in other operating systems getting these three tools to play nicely together can be a bit tricky. You may have to do some troubleshooting. We really wish that this stage was easier. If you run in problems, try to have patience and read the instruction well help you if you get stuck.

TIP! It is quite common to make mistakes and run into errors when you are learning how to use encryption. Why not experiment with a new email address that isn't the one you use all the time? When you are confident using the tools then you can use your normal email. 

Task

Install Thunderbird, PGP and Enigmail and set up an email account. 

If you don't already have Thunderbird, PGP and Enigmail tools installed then;

• Read the installation instructions for your operating system in the Thunderbird Workbook here - For Windows -  For Mac OSX - For Ubuntu. Then install the latest version of Thunderbird for your operating system.
• Read how to install PGP & Enigmail here -  For Windows -  For Mac OSX - For Ubuntu. Then install PGP and the Enigmail plugin for Thunderbird. 
  
• Set up an account with Thunderbird to use an email - Help on how to set up an account is available here