Difference between revisions of "GPG guide/Infographics"
| Line 20: | Line 20: | ||
===But there's a way!=== | ===But there's a way!=== | ||
| − | But hope's not lost! We can have | + | But hope's not lost! We just have to adapt. You can have your email privacy back if you learn to use a simple, freely licensed program called GnuPG to encrypt your email into a code that only the right people can read. GnuPG runs on pretty much any computer (even smartphones) and costs no money. |
===How public and private keys work=== | ===How public and private keys work=== | ||
| + | Everyone using GnuPG gets a public key, which gets stored on a Web site and a private key which they keep on their computer (known together as a keypair). They're just long strings of random numbers that are unique to you. | ||
===Simple and awesome=== | ===Simple and awesome=== | ||
| + | Once you've made your keypairs, you can easily tell GnuPG to encrypt an email so that only the intended recipient can read it. GnuPG takes the recipient's public key (remember, public keys are shared on the Internet) and your message, and combines them into an encoded message. | ||
| + | |||
| + | If anyone other than the recipient tries to read the message (even the people who own your email server), it'll just look like nonsense. | ||
| + | |||
| + | But when the recipient gets the message, their GnuPG will automatically use their private key (which only they have) to decrypt it into normal text. This works because of the special connection between the recipients' two keys. | ||
===Flow of encrypted communication=== | ===Flow of encrypted communication=== | ||
| + | |||
| + | ===Use it well=== | ||
| + | |||
| + | ===Happy ending=== | ||
| + | Will you? dadda? | ||
Revision as of 17:11, 28 May 2014
Contents
General Ideas
- Narrative structure, like a comic. I imagine the story it tells is: there are two people trying to communicate, but they are being surveilled. Then they go through the process of setting up GPG, and they they communicate securely. This give us a a good way to explain keys, keyservers, encryption and sisgning.
- First panel explains the problem and has a picture of many characters (or maybe just the original two) sending email to each other that's getting intercepted and little expressions, symbols or speech bubbles that shows all the ways this hurts them. Text refers to the problems inherent with unencrypted meail (surveillance, insecrutiy, chilling free speech, repressing dissidents etc).
- Then some kind of thing that's like "you can do something about it" You don't have to use it all the time, but knowing how is important, and here are some times to use it. Makes you more secure from surveillance and private companies and in general.
- Prominently features URL of the guide, which we haven't determined yet
- Explains the basics elements of the GPG system: two people communicating, keyserver, keys, imaginary attacker who wants to surveil
- Makes sense as a standalone sharable infographic, also makes sense as the introduction to the guide and a visual aid to understanding the basics of how the GPG system works.
- Should grip people into wanting to participate and show them why this is important, in addition to (or instead of?) just showing them how encryption works. Overall message is "you've heard of this problem, but did you know you can do something about it? Here's how. People will share because it feels like (part of) a solution to a problem that is weighing on them
- This is the closest thing I've seen to what I'm imagining: <http://flossmanuals.net/thunderbird-workbook/>, but it is of course less comprehensive. There's another one a few pages in to this guide, too.
- If we have extra time, we should make an infographic to help people understand the Web of Trust
- Would be good to have something that gives a visual impression of the network effect of people using GPG (which causes it to make more sense for still more people to join), like an expanding network.
- A big part of this is that we want people to incorporate their GPG key into their online identity. Perhaps at some point in the infographic, it shows a drawing of a person's social media profile or website or email signature in which it shows that they are publicly displaying their GPG key.
Text
Title and introduction
Need for private communication. Right to whisper.
Flow of unencrypted communication
The password protecting your email is only thin layer of security to protect against the massive battering ram of sophisticated surveillance systems. Unfortunately, when you send email, the people who run the email server (often Google, Microsoft or Yahoo) can read it, and many surveillance agencies can too.
But there's a way!
But hope's not lost! We just have to adapt. You can have your email privacy back if you learn to use a simple, freely licensed program called GnuPG to encrypt your email into a code that only the right people can read. GnuPG runs on pretty much any computer (even smartphones) and costs no money.
How public and private keys work
Everyone using GnuPG gets a public key, which gets stored on a Web site and a private key which they keep on their computer (known together as a keypair). They're just long strings of random numbers that are unique to you.
Simple and awesome
Once you've made your keypairs, you can easily tell GnuPG to encrypt an email so that only the intended recipient can read it. GnuPG takes the recipient's public key (remember, public keys are shared on the Internet) and your message, and combines them into an encoded message.
If anyone other than the recipient tries to read the message (even the people who own your email server), it'll just look like nonsense.
But when the recipient gets the message, their GnuPG will automatically use their private key (which only they have) to decrypt it into normal text. This works because of the special connection between the recipients' two keys.
Flow of encrypted communication
Use it well
Happy ending
Will you? dadda?
