GPG guide/Infographics

From LibrePlanet
< GPG guide
Revision as of 17:28, 28 May 2014 by Zakkai (talk | contribs)
Jump to: navigation, search

General Ideas

  • Narrative structure, like a comic. I imagine the story it tells is: there are two people trying to communicate, but they are being surveilled. Then they go through the process of setting up GPG, and they they communicate securely. This give us a a good way to explain keys, keyservers, encryption and sisgning.
      • First panel explains the problem and has a picture of many characters (or maybe just the original two) sending email to each other that's getting intercepted and little expressions, symbols or speech bubbles that shows all the ways this hurts them. Text refers to the problems inherent with unencrypted meail (surveillance, insecrutiy, chilling free speech, repressing dissidents etc).
      • Then some kind of thing that's like "you can do something about it" You don't have to use it all the time, but knowing how is important, and here are some times to use it. Makes you more secure from surveillance and private companies and in general.
  • Prominently features URL of the guide, which we haven't determined yet
  • Explains the basics elements of the GPG system: two people communicating, keyserver, keys, imaginary attacker who wants to surveil
  • Makes sense as a standalone sharable infographic, also makes sense as the introduction to the guide and a visual aid to understanding the basics of how the GPG system works.
  • Should grip people into wanting to participate and show them why this is important, in addition to (or instead of?) just showing them how encryption works. Overall message is "you've heard of this problem, but did you know you can do something about it? Here's how. People will share because it feels like (part of) a solution to a problem that is weighing on them
  • This is the closest thing I've seen to what I'm imagining: <http://flossmanuals.net/thunderbird-workbook/>, but it is of course less comprehensive. There's another one a few pages in to this guide, too.
  • If we have extra time, we should make an infographic to help people understand the Web of Trust
  • Would be good to have something that gives a visual impression of the network effect of people using GPG (which causes it to make more sense for still more people to join), like an expanding network.
  • A big part of this is that we want people to incorporate their GPG key into their online identity. Perhaps at some point in the infographic, it shows a drawing of a person's social media profile or website or email signature in which it shows that they are publicly displaying their GPG key.

Text

Title and introduction

Need for private communication. Right to whisper.

Flow of unencrypted communication

The password protecting your email is only thin layer of security to protect against the massive battering ram of sophisticated surveillance systems. Unfortunately, when you send email, the people who run the email server (often Google, Microsoft or Yahoo) can read it, and many surveillance agencies can too.

But there's a way!

But hope's not lost! We just have to adapt. You can have your email privacy back if you learn to use a simple, freely licensed program called GnuPG to encrypt your email into a code that only the right people can read. GnuPG runs on pretty much any computer (even smartphones) and costs no money.

How public and private keys work

Everyone using GnuPG gets a public key, which gets stored on a Web site and a private key which they keep on their computer (known together as a keypair). They're just long strings of random numbers that are unique to you.

Simple and awesome

I think we can remove this section.

Flow of encrypted communication

Once you've made your keypairs, you can easily tell GnuPG to encrypt an email so that only the intended recipient can read it. GnuPG takes the recipient's public key (remember, public keys are shared on the Internet) and your message, and combines them into an encoded message.

If anyone other than the recipient tries to read the message (even the people who own your email server), it'll just look like nonsense.

But when the recipient gets the message, their GnuPG will automatically use their private key (which only they have) to decrypt it into normal text. This works because of the special connection between the recipients' two keys.

Get started

I decided to cut this section and replace it with the Use it Well section, but then I decided to cut that too.

Happy ending

The Free Software Foundation thinks that using GnuPG can be easy and fun with the right getting started guide, so we made one! Head over to FIXME:URL and check it out. It only takes about FIXME:time to complete. It will work if you use Windows or any flavor of GNU/Linux and you can use your existing email account.

Free software sidebox - I want to add this somewhere

GnuPG is free software. That's free as in freedom, not free as in price (though it's free of cost as well). This means that it's completely transparent and anyone has the power to copy it or make their own version. This keeps prevents software companies and governments from hiding tricky bits inside of it that steal your information, and it means unbiased people can check it to make sure it works well. Read more about free software at fsf.org.

Cut: Use it well section text, preserved in case we change our minds

To protect ourselves from surveillance, we don't have to use encryption for every email. But we do have to learn how to use it and share our public keys. Once you install GnuPG and make your key, you can show it off to the world with an a key ID you put next to your email address. Everyone will know that it's safe to send you emails, and you'll be spreading the word about an important piece of technology.

Retrieved from "https://libreplanet.org/wiki?title=GPG_guide/Infographics&oldid=35036"