14 DAY TRIAL // Email sending is more and more popular. The same happens with sending attachments. Reading an electronic message or getting an attachment on your computer is a child's play and using the electronic box is no longer an enigma. All you need is to know a bit of English and have an email account.
One thing is certain: your email can fall in the hands of the wrong person if your account password is not protected the way it should. Plus: all the security in the world is reduced to passwords. The conclusion of this fact is that you have to have stronger passwords that include both letters (uppercase and lowercase), numbers, special characters and symbols. It is not too difficult a task. Just search on the Internet and you will definitely find some guides in this sense. Or you can get yourself inspired from here.
However, modern tools allow us to keep our secrets away from prying eyes and make sure that only authorized persons have access to our information. Encryption is the keyword of this review and the myriad of encryption softwares is overwhelming. They all brag about their extraordinary capacity of keeping your data private.
How would you feel if you could send an email to a person and knew for sure that nobody else could read it, save the intended receiver? I know you can do it with a $40 application, but these use single-key algorithm and having a free tool using public-key encryption sounds more appealing.
GPG4Win is a key encrypting software that gives you the possibility of protecting your email messages or even files on your computer. The beauty of the software is that it is totally free for both private and commercial use and there are absolutely no restrictions in this sense. To make yourself an idea on the security provided by GPG4Win I will just say that it is based on the international standard OpenPGP (RFC 2440). To make it simpler to you, imagine one hell of a security for your data and you'll get the idea.
GPG4Win, just like PGP (Pretty Good Privacy), utilizes two keys: one of them is private and can be used for decrypting data, and the other is public and should be used for encrypting data. No need to say that the private key is the one to be most protected from unauthorized persons. The public key can be viewed by anyone who wants to send you an encrypted message. The message encrypting/decrypting procedure is simple: the sender uses your public key to encrypt the message and you will need your private key to decrypt them.
The only interface you are going to have is that of the tools allowing you to manage your keys and run the encryption/decryption process. That is why when installing GPG4Win, you will be prompted to choose the additional tools to use. During our testing, I gave up GPGol (plugin for Microsoft 2003), and Sylpheed-Claws (a complete email program including the plugin for GPG). GPA can also be dismissed from installation because the same options are available in WinPT. However, GPA has a much better interface and it gives you an easier way to manage your keyring.
Bottom line is that all you need is WinPT and GPGee (plugin for MS Explorer); GnuPG, the actual encrypting tool is mandatory for the installation so you cannot give up on it.
I recommend using GPA for managing the keys and WinPT for the process of encrypting/decrypting the messages and the data on your computer.
As soon as you start GPA (GNU Privacy Assistant) you will be asked to create a key. It is composed of a private part and a public one, for the aforementioned purposes. All you need to do is input your name, email address and a strong password. If you ignore the backup screen you will be able to make a backup of your key later with no problem. At the end of the generation process, you will be the proud owner of two keys: one public and one private. The private one is actually the password given in one of the steps and can be changed at any moment.
More than this, you can set an expiration date for the keys, so that after a period of time they no longer can be used. And to give more credibility to the message you can sign them. This way, when decrypting the message the receiver can check if the signature is valid.
For backing up your key, all you have to do is use the Export option in the tool bar. Choose your storing location, give the file a name and that's it. The operation in reverse can be done for adding other users' public keys to GPA. This way you can exchange private secured messages with them without asking for their PGP key every time.
The inherent ability of GPA to cypher files is a bit difficult to manage as it does not offer the ease of use available in WinPT. Plus, GPA does not manage the files stored in Clipboard. And when you add the fact that WinPT can also manage the active window on your screen, it just sounds too appealing from this point of view.
The same operations can be done in WinPT as well, only they are not as clear as in GPA, due to the interface differences. But with WinPT the coding and decoding is much faster. It can decrypt and encrypt your messages, verify the validity of the signature and protect the data on your computer by encrypting it with just two clicks of your mouse.
The editor in WinPT allows fast correction of the text and quick encryption. However, you can only use the regular copy/paste function for encrypting/decrypting the messages/files. The application will automatically encrypt the text in clipboard. That means that once you have the text ready for encryption you can simply access the context menu of the system tray icon, choose Clipboard option and then select one of the alternatives available (Edit, Symmetric encryption - the same private key is used for both coding and decoding the file, Encryption - uses public key, Sign and Encrypt, Sign or Decrypt/Verify).
Thanks to GPGee you will have the option of encrypting various files in Explorer context menu. This way you can avoid opening WinPT's File Manager to add them there. However, there are some bugs in GPGee and sometimes it may not allow you to select your own key to encrypt the files with. I found myself in the situation where I could not code the files with my own key and only my friends' keys were available. It also seems that it works better if WinPT is active in system tray.
The Good
Open PGP standard is known to be one of the safest, so adding an interface is just great. The entire suite works for the protection of your data, be it a message sent via email or simply file encryption.
GPA's interface comes in very handy when you need key management and WinPT is invaluable when you want to encrypt/decrypt files. Both of them have almost the same options, but excel in only one area.
Creating the keys is extremely easy and it takes only a few seconds. The English help file provides comprehensive information on how to use GPG4Win.
The Bad
GPGee works depends on WinPT. There is much work to be done for the interface to be worthy of Vista, but it is clear that looks are not that important when it comes to protection (totally agree).
The encrypted files stored on the computer can be easily removed and there is no cure for this, yet.
The Truth
One of the best protection systems for your files, and it comes free. You have to at least try it, if not put it to constant use.
A novice will find working with the suite of programs a bit difficult, but once it is clear to you that a public key is made from two components each with specific usage, it will be piece of cake.
Here are some snapshots of the application in action:
