Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Security How To

Lock Down Your Email

Another way to stay secure in your communications while on the road is email encryption. A good idea even while at home, encrypted email becomes all the more useful when accessing the Internet through an insecure access point or in an untrusted computing environment.

As with disk encryption and VPNs, there are a variety of different ways available to encrypt email. The most common email encryption mechanism is Pretty Good Privacy (PGP), which can be found in a variety of implementations ranging from standalone command-line tools to plugins for email clients.

The competing (and incompatible) standard is Secure/Multipurpose Internet Mail Extensions (S/MIME), which requires a valid security certificate from a reputable certifying authority. Both standards are endorsed by the National Institute of Standards and Technology as security standards, and are both secure enough for everyday use. However, the two standards cannot decrypt one another, so it is important to know which email encryption mechanism the person you are communicating with uses before sending a message (or even if they are using encryption at all!), to avoid a mess of garbage text from reaching your recipient.

PGP is officially available through the PGP Corporation, which also offers the PGP Universal solution for encrypting emails in an enterprise environment. For a free option, Gnu Privacy Guard (GPG) is a free/open-source solution that can be used from the command line or even plugged into an email client for even easier encryption.

The Enigmail plugin for Mozilla Thunderbird (Figure 5) allows GPG email encryption directly from the client. In the large version of the figure below, the message on the left has been encrypted, while the message on the left has been decrypted.

Figure 5: Enigmail plugin for Mozilla Thunderbird

Figure 5: Enigmail plugin for Mozilla Thunderbird

S/MIME support is included with many e-mail clients, so using it is as easy as selecting the 'Encrypt Email' option within the client. The difficult part, however, comes with obtaining a certificate from a CA. Many organizations provide their own CA's, but certificates are also available through trusted third-party CA's. Thawte is the most popular third-party CA, and can issue free S/MIME certificates (Figure 6), while VeriSign provides certificates for a fee.

Figure 6: An S/MIME certificate issued by Thawte and viewed in Mozilla Firefox. (Click to enlarge)

Figure 6: An S/MIME certificate issued by Thawte and viewed in Mozilla Firefox. (Click to enlarge)

A word of caution/paranoia: Though the cryptographic algorithms behind mechanisms such as PGP and S/MIME are secure, it should be noted that their greatest weak points come in their implementations. An improperly-implemented version of one of these algorithms can provide a false sense of security - which can be even worse than having no security at all! - so take care to update to the latest versions of whichever implementation you choose. Or, for the truly paranoid, just use the time-tested command-line versions of each tool.

A final concern when bringing your laptop on the road is file sharing. For security's sake, unless you absolutely trust the network you are plugged into, disable file sharing on your laptop's network adapter when connecting to a network. This will prevent other machines from viewing and accessing the files on your laptop, and may even save you the pain of having to remove a worm from your machine if file sharing permissions are improperly configured.

More Stuff

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hello All!I'm a newbie on networking and wireless, I only know the basics, so bear with me. I purchased a Asus AC86U to use in my house to replace a A...
Hey guys, I have movistar STB's which require both connection to their VLAN 11 tagged interface (it does have nat) and also requires internet access w...
Hey guys. I have movistar, and I'm pretty sure the provided stb profile is for spain, which is basically the same with the only difference being diffe...
I am trying to setup my router (AX88) so that the traffic from the router (transmission) goes through VPN and the rest of the devices go through WAN. ...
I know what the link rates are for 2.4Ghz but what speeds are you really seeing in the US when using 2.4Ghz wireless. I am thinking of playing with 2....

Don't Miss These

  • 1
  • 2
  • 3