What the heck is PGP?!

What the heck is PGP?!

Most likely you're here because you got an email message and it either had a chunk of garbled stuff at the end with a Comment saying, What the heck is PGP?! Go to http://542boyd.dhs.org/pgp or the entire message was garbled junk.

PGP (Pretty Good Privacy) is a public key encryption program. Ok, wait, what is public key encryption?! In short, public key encryption is a way for people to 1) send email or files back and forth securely and 2) sign email and files with a digital signature that cannot be forged.

Ok, but why in the world do I need to encrypt my email, isn't that just for spies and industrial espionage characters in Tom Clancy novels? No, and here's why. Currently sending an email over the internet is the same as sending a postcard through the mail, but worse. When you send a postcard, 1) your postman could read it (big deal) or he could change your postcard so that it said something different (ya right). When you send an email, every computer along the path between you and the person your sending to can and will read your email as easily as reading a postcard. Additionally they all could change your message, and since it's not in your handwriting it will look just like any other message you have sent. This is as if every time you sent someone a letter you instead wrote it on a postcard and handed it to a complete stranger who then passed it along to 10 other complete strangers who then passed it finally to the person you were sending it to.

So what does this mean to me? Well, one of two things. First, if the email you got just has a chunk of garbled junk at the end of it, then that's my signature. With the PGP program you can determine, unequivocally, if the message is identical to what I sent to you. If that's not important to you, then ignore it. Second, if the entire message is garbled junk then that means that you're already hep to this whole PGP thing since that is an encrypted message, and you must have already installed PGP (at some point).

Ok, I don't give a damn if people can read my email, and I don't believe that anyone would have any reason to change an email that I sent someone, so screw this geek stuff. A good point, in all likely hood, no one is going to change any email that you send, why the heck would they (unless they're mean and bored like most crackers on the net), and so what if they read your email, so they get to find out how late you were up last night and how wasted you got at that party. The reason that I use PGP and encourage others to use it (by providing this page of explanation) is the theory. If, at some point in the future, I do have an email (containing bank information, correspondence between me and the woman I'm having an affair with, personal information that could be used against me, anything that I would normally send through the mail in a letter and absolutely not on a postcard) that I need to send securely, I don't want it to be a big deal. I don't want the US government to have outlawed encryption technology in the private sector, I don't want to arouse extra suspicion (hmm, he's never sent an encrypted message ever before and now he sends one, I bet it has something really important in it, I'm going to try to break it) and I definitely don't want to have to explain what PGP is to the person I'm sending the message to, have them install the program, create a key, just so I can send them a message in a letter and not on a postcard.

At this point I've either sold you, or you think this is just another one of Gene's crazy techno-fetishes. Either way is ok, if there is any aspect of this that you don't understand I would love to answer questions about it, send me an email or call. If you would like to try this PGP thing out, great. PGP is free, not shareware, absolutely free. It was written with the intent that it be free and available to everyone. If you are a windows or mac user, your set. The current PGP release of 6.5.2 has email plugins for Microsoft Outlook 97/98/2000, Microsoft Outlook Express 4.x/5.x, Qualcomm Eudora 4.x and Claris Emailer 2.x. There also exist tons of other add on's that integrate PGP into your email program, so that it's easy to use. You can download PGP from https://pgp.mit.edu/ You are more than welcome to call or email if me you want help installing and setting up PGP. Thanks for your time.

-Eugene Wood

Additional Links

Download PGP

Public Key for Eugene Wood

The PGP Help Team

Originally Drafted : June 16, 2000
Last Updated : October 23, 2003

Leave a Reply

Your email address will not be published. Required fields are marked *