|MysteryVortex || |
|Take a chance and ride the MysteryVortex!|
| || |
Important PGP Concepts...or stuff you really ought to know.
This page aims to inform you about a few basic things you should know about email and what PGP protects, what it doesn't protect, and what terms like signed and encrypted mean in the context of PGP.
What PGP doesn't protect
PGP does not protect:
If PGP doesn't protect all of that, you ask, why am I bothering with it?
The answer is it still protects a lot (see the next section)
and there are steps you can take to mitigate some of the
information that is leaked.
How to mitigate some of the information leaks:
What PGP does protect
PGP does protect:
The things that PGP does protect, it does a very good job of protecting. It is likely that even a government can not break the underlying math that protects your PGP messages.
But, don't forget that your protection only extends as far as your private key. If you let anybody get ahold of that, then all bets are off!
Never give anyone your private key or passphrase!
What Terms like "signed" or "encrypted" mean
When people use and talk about PGP there are a lot of terms used that all have a distinct meaning.
Your private key is protected with the passphrase that you entered when you generated it. Without the passphrase even someone who steals the file containing your key can't use it.
Even so, don't let anyone have it. Guessing or finding your passphrase is likely to many many times easier than guessing or finding your private key. The difference is likely to be days vs. centuries.
Your public key allows others to send messages or files that only you can read, as well as verify messages that you sent are really from you and haven't been modified or tampered with.
Usually you would send your public key by email, then communicate your key's fingerprint to the recipient by another means such as a phone call, a letter, or in person. This ensures that no one has intercepted the email with your key in it and replaced it with their own. (That is known as a man-in-the-middle attack)
mysteryvortex.com is part of the MysteryVortex family of websites.