Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Security How To

Lock Down Your Email

Another way to stay secure in your communications while on the road is email encryption. A good idea even while at home, encrypted email becomes all the more useful when accessing the Internet through an insecure access point or in an untrusted computing environment.

As with disk encryption and VPNs, there are a variety of different ways available to encrypt email. The most common email encryption mechanism is Pretty Good Privacy (PGP), which can be found in a variety of implementations ranging from standalone command-line tools to plugins for email clients.

The competing (and incompatible) standard is Secure/Multipurpose Internet Mail Extensions (S/MIME), which requires a valid security certificate from a reputable certifying authority. Both standards are endorsed by the National Institute of Standards and Technology as security standards, and are both secure enough for everyday use. However, the two standards cannot decrypt one another, so it is important to know which email encryption mechanism the person you are communicating with uses before sending a message (or even if they are using encryption at all!), to avoid a mess of garbage text from reaching your recipient.

PGP is officially available through the PGP Corporation, which also offers the PGP Universal solution for encrypting emails in an enterprise environment. For a free option, Gnu Privacy Guard (GPG) is a free/open-source solution that can be used from the command line or even plugged into an email client for even easier encryption.

The Enigmail plugin for Mozilla Thunderbird (Figure 5) allows GPG email encryption directly from the client. In the large version of the figure below, the message on the left has been encrypted, while the message on the left has been decrypted.

Figure 5: Enigmail plugin for Mozilla Thunderbird

Figure 5: Enigmail plugin for Mozilla Thunderbird

S/MIME support is included with many e-mail clients, so using it is as easy as selecting the 'Encrypt Email' option within the client. The difficult part, however, comes with obtaining a certificate from a CA. Many organizations provide their own CA's, but certificates are also available through trusted third-party CA's. Thawte is the most popular third-party CA, and can issue free S/MIME certificates (Figure 6), while VeriSign provides certificates for a fee.

Figure 6: An S/MIME certificate issued by Thawte and viewed in Mozilla Firefox. (Click to enlarge)

Figure 6: An S/MIME certificate issued by Thawte and viewed in Mozilla Firefox. (Click to enlarge)

A word of caution/paranoia: Though the cryptographic algorithms behind mechanisms such as PGP and S/MIME are secure, it should be noted that their greatest weak points come in their implementations. An improperly-implemented version of one of these algorithms can provide a false sense of security - which can be even worse than having no security at all! - so take care to update to the latest versions of whichever implementation you choose. Or, for the truly paranoid, just use the time-tested command-line versions of each tool.

A final concern when bringing your laptop on the road is file sharing. For security's sake, unless you absolutely trust the network you are plugged into, disable file sharing on your laptop's network adapter when connecting to a network. This will prevent other machines from viewing and accessing the files on your laptop, and may even save you the pain of having to remove a worm from your machine if file sharing permissions are improperly configured.

More Stuff

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hello,Just bought a brand new AX88U router. My issue is connecting to the 2.4ghz band. If I am right next to the router it works fine but if I move to...
After 4 days, Port Forwarding rule disappears from router. It can be easily reentered and will persist for approximately the same period, before disap...
I live in a complex that has great broadband. I have been annoyed with my Linksys's inability to keep things running, and since my alexa stuff does no...
Hello to everybody from Italy. It's my first postI recently picked up an DSL-AC68U and installed merlin. For now the only issued that i encountered is...
Greetings,Just setup a R6700V3 to replace an 8 year old D-Link 655. Roku Premiere was killing the 655 every 4-24 hours.My Windows 10 PC connects via e...

Don't Miss These

  • 1
  • 2
  • 3