What is Reddit's opinion of OpenKeychain: Easy PGP?

From 3.5 billion Reddit comments

Yes.

​

Have a keypair on your phone, and a keypair on pc. decrypt it on pc, then encrypt the plaintext with the phones public key.

​

On your phone you can decrypt it with the phones private key.

​

This is what public key crypto is made for!

​

Also there are gpg/pgp apps on android that make it fairly easy to do this.

​

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

Have you seen OpenKeychain and Keybase.io?

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

https://play.google.com/store/apps/details?id=io.keybase.ossifrage

They use of a custom keyboard is a nice idea, though

Poor spelling

Doesn't explain what modes are used

Source code...? No audits? How does key management work?

Tldr just use OpenKeychain:

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

This is true. You can't send encrypted mail if you don't have the public key of the recipient. If you're only concerned about over the wire security, don't be, I'm pretty sure all big email providers now use secure connections.

If you want to use true end-to-end encryption, I suggest you look into PGP (GPG? who knows?) encryption. I use OpenKeyChain to encrypt, decrypt, sign and verify messages on my phone and Thunderbird on my computer to do the same. I don't think OpenKeyChain supports mails directly though, so you'll need to do some copy pasting

On Android, K9 mail with OpenKeychain.

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain
https://play.google.com/store/apps/details?id=com.fsck.k9

OpenKeychain even supports the Yubikey NEO PGP module over NFC.

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

and

https://play.google.com/store/apps/details?id=org.sufficientlysecure.termbot

I don't use FIDO2 for SSH as I use a lot of older systems that can't.

K9 has only 3,2/5 stars on Google Play and Proton is know for not being very trustworthy: https://www.cpomagazine.com/data-privacy/request-from-french-police-compelled-protonmail-to-reveal-ip-logs/amp/

What do you think about OpenKeychain ? https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

I use https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain personally, but remember to import your keys from your comp, not make new ones, else they can't decrypt your folder. Also this defeats the extra layer of security by having the keys on the device. >.> Fyi. Unless you load the keys on a USB drive and unlock with the USB to otg adapter. ( Or USB to USB c otg adapter) and then when you need to see the files connect the USB.
But just an idea

In Android, I use OpenKeychain.

On iOS, my wife uses PGP Everywhere.

The latter is a paid (but inexpensive) closed-source app. I've not been able to find a F/OSS one for iOS.

Does their public key contain an email address? If you don't already have an app for managing your PGP keys, you should get OpenKeychain.

I found GPG4usb a bit simpler and easier to use then gpg4win. Also check out OpenKeychain: Easy PGP for android.

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

Sigaint for sure! Create a new identity for yourself using Sigaint. And don't link any real accounts or info to the new identity.

Let me know when you root. I need to do that...been kinda weary.

You can always encrypt it, for example with OpenKeyChain (Google Play, F-Droid)
Just generate a key with some dummy name/email/password. Then tap the comic in a file manager, choose "Encrypt with OpenKeyChain", let it do it's thing, tap "share" in OpenKeyChain, upload it to Google Drive.
The next time you download it from there open it with OpenKeyChain, decrypt it, and then you can open it with the reader app
Something like this, have not tried it myself, but the setup process and encryption decryption process seemed very intuitive and fast

For you Android users:

You can use K9 mail with OpenKeychain.

OpenKeychain also works fine standalone to decrypt / encrypt / sign / verify via clipboard or file picker. It uses the Documents API on recent Android versions so you can directly pick files from local storage and Drive and also on cloud storage which other apps have registered with the Documents API.

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain https://play.google.com/store/apps/details?id=com.fsck.k9

OpenKeychain even supports the Yubikey NEO PGP module over NFC. This provides some decent exfiltration protection and requires button push for any actions to be performed, and is reasonably easy to use across multiple devices.

You can also use OpenKeychain which allows you to write to and encrypt the clipboard and then auto open the contents in an email. It works with either K-9 or the native android email client.

I would suggest using a different private key for the device as phones can be compromised, or lost.

By the way, you might be interested in OpenKeychain. It's a more actively developed fork of APG with a nicer interface and more features.

NSO sells powerful software to governments for a price of US $1,150,000. The NSO software renders iOS privacy and tracking defenses ineffective.

You can use the Tor Browser at all times except use Firefox when you must enable cookies to enter a username and password to sign in a bank account or other essential account that requires genuine personally identifying information.

See recommended Tor Browser settings to maximize anonymity and privacy and to make your browser fingerprint as small as possible.

When you use Firefox, you can consider using the recommended add-ons and browser configurations.

See: OP: What are common avoidable mistakes that undermine anonymity for all Tor browser users? With any browser, you can keep your browser fingerprint as small as possible to help avoid browser fingerprint tracking.

You can measure your browser fingerprint: PANOPTICLICK test.

A typically small Tor Browser fingerprint has 5.8 bits of identifying information and a fingerprint ratio of 1:55, which means one in 55 browsers have the same fingerprint as yours. The average browser fingerprint is larger, easier to track, and carries 10.5 bits of identifying information with a fingerprint ratio of 1:1448. Some browsers carry as much as 21.9 or more bits of identifying information with a fingerprint ratio of 1:4,000,000 or worse, which is a huge fingerprint very easy to track.

See OP: How does GCHQ and NSA track individual Tor browsers? Here's what you can do to help thwart it.

You can better preserve your anonymity and privacy by never entering your real name, real email address, real phone number, or any other personally identifying information in any web form except when you have to use Firefox to log in your bank account or other essential account that requires genuine personally identifying information.

See comment. You can use the web search engines eu.StartPage.com and eu.ixquick.eu to preserve your anonymity and privacy and prevent tracking. Unlike Google and other US search engines, these search engines never log your IP Address, never log your search history, provide anonymous proxy web surfing, and are in the Netherlands, outside of the jurisdiction of the US government and any search warrant authorizations by any US court. Both search engines are fully compatible with the Tor Browser.

At the TorProject Blog site, you can read the latest Tor Project announcements and other important information about Tor.

You can read the Graham Cluley site to stay abreast of breaking news about the latest privacy and malware threats, and you can subscribe to the newsletter. The site will not track you or share your email address. The site is fully compatible with the Tor Browser.

You can decide to never sign in or use any Google account again. Google requires you to enable cookies to sign in a Google, YouTube, or other account on a site Google owns. Once you have signed in, you are being logged, tracked, registered, recorded, shaked, and baked. Your data will end up in the hands of other companies and, possibly, in the hands of the NSA and GCHQ because all US web sites and US companies based in the US must comply and give all of your personal information to the US government when a US court orders it.

You can use free open source PGP encryption software to encrypt your emails and files. For years, PGP has been the world's most popular encryption software. All US email service providers based in the US copy and save all of your emails. If you delete all of your emails, your US email service provider still keeps copies of all of your emails. US courts can force your US email service provider to surrender all of those emails to the US government. The government and your email service provider cannot read your email messages if you use PGP to encrypt them.

You can download free open source PGP encryption software for your os: OS X, Linux, Windows, iOS, Android

For email privacy, you can use a web mail service provider outside of the United States, beyond the legal jurisdiction of the US government and beyond any search warrant authorizations of the US FISA Court or any other US court.

Two excellent email service providers are StartMail in the Netherlands and ProtonMail in Switzerland. The privacy laws of the Netherlands and other EU countries are vastly superior to US privacy laws, and the privacy laws of Switzerland might be the best in the world. Both email service providers give the account holder the option to encrypt emails with PGP encryption. StartMail allows you to send PGP encrypted emails to recipients who do not use PGP. These sites are fully compatible with the Tor Browser.

StartMail requires no personally identifying information to open a 7-day trial account, but it does require a credit card to pay for a subscription account if you are in the USA. A basic ProtonMail account is free.

You can use a StartMail 7-day trial account email address or a Yandex Mail free email address if you must enter an email address to open a free ProtonMail account. Yandex Mail requires no personally identifying information to open a free email account.

You can use passphrases instead of passwords for better security. See: EFF Creating Strong Passwords > Choosing Strong Passwords > Diceware. See: Diceware passphrase list, Diceware alternative Beale list, and EFF passphrase list.

As much as possible, you can avoid giving any personal information to US web sites based in the US because a US court can force any such site to surrender all of your personal information to federal, state, or local government authorities.

When you have a choice, you can choose to do business with web sites based in a European Union country or Switzerland, but avoid UK web sites. UK government surveillance programs are nearly as expansive as NSA surveillance programs. The gargantuan UK GCHQ government intelligence agency collects as much, if not more information on Internet users than the NSA.

I use Pass along with a private repo on bitbucket. I use Open Key Chain and Password Store to retrieve passwords on my android device.

OpenKeychain

APG

If you are paranoid and you are going to send sensitive data consider encrypt communications using GPG.

For Android:

OpenKeychain (GPGtool):

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

K-9 Mail (email client)

https://play.google.com/store/apps/details?id=com.fsck.k9

If you have doubts, the internet will save you hahahaha.

EDIT: Both apps available in https://f-droid.org (FOSS)

OTP only makes sense for a cloud-based service (like LastPass). If you want a password database that you control, then it's encryption, not authentication, that matters [1].

Here is my setup:

• Encryption is done by gnupg.
  • The private keys are not on my laptop and certainly not on my phone. The private keys are on a yubikey, as an openpgp smartcard.
  • To access the keys on the yubikey, it requires a PIN. Mine is 8 digits, and if you have 3 consecutive failed attempts, the card locks you out.
  • This is what gives you the 2-factor. The Yubikey is the something you have and the PIN is the something you know.
  • On Android, PGP is handled with OpenKeychain (Play Store, F-Droid)
• The database is managed by pass. It's just a bash script that is glue for a bunch of other stuff. There are a bunch of front ends for it, but relevant to this conversation, there is an Android app (Play Store, F-Droid).
• To keep it all sync'd, I use Syncthing (Play Store, F-Droid)
  • pass also supports git out of the box, which you can use to keep it sync'd. I opted to not do this, since I don't have a private repo that I can use that is Internet accessible.

Adding OpenKeychain to the mix.

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

It's been a while but I Google PGP for Android and this was the first result:

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain&hl=en_US

It's PGP (Pretty Good Privacy), but GPG (GNU Privacy Guard) is one of the programs you can use to generate it. https://gnupg.org/. This is one example of a PGP app for Android: https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain&hl=en

Sounds like you can use PGP.

gpg on desktop, OpenKeychain: Easy PGP on Android.

Besides, any binary files can be encoded into strings using a conversion scheme such as base64. This is what PGP uses.

Use OpenKeychain.

You can use OpenKeychain to encrypt folders, files, or text with a PGP certificate. https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

It won't be any different to use, it will be the same concept

I use it with Open Keychain

You can change your password, but consider using a passphrase instead of a password. See: The Diceware Passphrase Home Page. Even if you create a new passphrase, Yahoo and the government still can read all of your emails if they are not encrypted. You can consider dumping Yahoo Mail and instead use Proton Mail and/or StartMail, which both provide email encryption. If you dump Yahoo, you can consider whether you want to forward any really important saved Yahoo emails to your new ProtonMail and/or StartMail accounts.

You can download free open source email encryption software from the following sites:

OS X: https://ssd.eff.org/en/module/how-use-pgp-mac-os-x
Linux: https://ssd.eff.org/en/module/how-use-pgp-linux
Windows: https://ssd.eff.org/en/module/how-use-pgp-windows-pc
iOS: https://itunes.apple.com/app/ipgmail/id430780873?mt=8
Android: https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

You can dump Yahoo mail. Instead, you can use ProtonMail in Switzerland and StartMail in the Netherlands. They both set a super high standard for privacy and safety. Additionally, you can use the built-in PGP email encryption that ProtonMail and StartMail provide, and you can install standalone PGP encryption software on your device to encrypt your emails to any recipient who also uses PGP email encryption software. StartMail allows account holders to send PGP encrypted emails to recipients who do not have PGP encryption software on their devices.

Free open source PGP encryption software you can install on your device:

OS X: https://ssd.eff.org/en/module/how-use-pgp-mac-os-x
Linux: https://ssd.eff.org/en/module/how-use-pgp-linux
Windows: https://ssd.eff.org/en/module/how-use-pgp-windows-pc
iOS: https://itunes.apple.com/app/ipgmail/id430780873?mt=8
Android: https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

OpenKeychain on Android. Native support for ECC keys.

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

Right. The other side needs to use ProtonMail, too. Or, your side and the other side can install free open source PGP encyption software on your computers to send and receive encrypted emails.

Download PGP encryption software:

OS X https://ssd.eff.org/en/module/how-use-pgp-mac-os-x
Linux https://ssd.eff.org/en/module/how-use-pgp-linux
Windows https://ssd.eff.org/en/module/how-use-pgp-windows-pc
iOS https://itunes.apple.com/app/ipgmail/id430780873?mt=8
Android https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

Scenario: You have 50 files that contain secrets. Create a new folder. Move the 50 files to the new folder. Use free open source PGP encryption software to encrypt the folder. PGP encrypts the folder and prompts you to enter a password to decrypt and open the folder later. Don't enter a password. Instead, enter a strong passphrase modeled on the Diceware Passphrase method. Government agents steal your computer and find your encrypted folder, but they can't open it because they don't know your password. Headquarters sets up a network with 50 super computers around the world. The 50 super computers simultaneously work in unison 24 hours per day to break your passphrase with a brute-force attack. After 65 years, the super computers have not been able to break your passphrase. Strong passphrases really are unbreakable in any acceptable time frame, such as less than 50-100 years or a natural lifetime.

The Diceware Passphrase Home Page, Diceware list, Alternative Beale list, EFF list

Download and install free open source PGP encryption software:
OS X, Linux, Windows, iOS, Android

Enable full disk encryption, Install Signal, install and configure PGP consider https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

OpenKeychain! https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

https://play.google.com/store/apps/details?id=eu.siacs.conversations - also available via f-droid

https://play.google.com/store/apps/details?id=im.vector.app

You can use OpenKeyChain (F-Droid, PlayStore) and a client that supports it like Fair email (F-droid, Play Store)

You can use OpenKeychain to Encrypt files, using your own encryption keys.

1. Yes, it can be installed on your phones
2. No need for special simcard.
3. RSA is most used.
4. https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

Free for android users: https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

iPhone users have to pay 4.99: https://apps.apple.com/us/app/pgp-everywhere/id1011677987

I use OpenKeychain

Only one? There's loads.. I use OpenKeychain it's free open source and works fine?

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

easyPGP might help

andOTP. It's available on F-Droid and Google play. Allows for import/export via unencrypted file, AES encrypted file, or PGP encrypted file (with OpenKeychain).

Android? OpenKeychain.

OpenKeychain works well. It integrates with the K-9 mail client, too.

Look at Tor: Overview. Read Tor Project documentation, Want Tor to really work?. Look at the Tor Wiki and the Tor Blog, including New Release: Tor Browser 8.0. Look at Tor Metrics.

— Surface web, deep web, dark web

The deep web includes web mail accounts, online banking, and paywall sites. The dark web is a small part of the deep web and includes hidden services, aka onion services, including Tor Project hidden services and this Tor Project list of some other hidden services. See this EFF interactive visualization about how Tor works.

To install OpenPGP encryption software on your computer, see this list of possible solutions for your operating system:

macOS https://gpgtools.tenderapp.com/kb/how-to/first-steps-where-do-i-start-where-do-i-begin-setup-gpgtools-create-a-new-key-your-first-encrypted-mail
Linux https://ssd.eff.org/en/module/how-use-pgp-linux
Windows https://ssd.eff.org/en/module/how-use-pgp-windows-pc
iOS https://itunes.apple.com/app/ipgmail/id430780873?mt=8
Android https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

OpenKeychain

Download the Tor Browser (TB) only from The Tor Project, Inc..

If you already have installed the Tor Browser, one or more files in the Tor Browser installer package or in your Tor Browser folder might have become corrupted during the download and installation. To remove any corrupted files, uninstall (delete) your Tor Browser folder, and re-install Tor Browser.

If your ISP, government, or a corporation has blocked The Tor Project, Inc. site, you can use several other alternative methods to download the Tor Browser.

If you already have installed the TB, it might be unable to connect to the Tor network because your ISP or an adversarial government agency might be blocking (censoring) connections to the Tor network. If that is the case, you can enable a Tor obfuscated bridge (pluggable transport) in your Tor Browser, which is very likely to enable your TB to circumvent any such censorship and successfully complete the connection to the Tor network.

Pluggable Transports, how to use.
Recommendation: use the most advanced type of pluggable transport: <strong>obfs4</strong>.

Installing Tor Browser —
Connect to The Tor Project, Inc..
Download the Stable Tor Browser.

If you previously installed OpenPGP encryption software on your computer, you can download the corresponding Stable Tor Browser sig file, which you can use (double-click) to verify whether the PGP digital signature of the Stable Tor Browser installer package is valid.

After downloading the TB installer package, open it and install the Tor Browser.
Open the Tor Browser - it automatically will connect to the Tor network if your computer has an open Internet connection.

Recommended reading —
Tor FAQ
What is Tor Browser?. Read entire page.
Want Tor to really work? Avoid these mistakes.
Tor: Bridges
Tor Documentation Overview
How to verify signatures for packages
How do I uninstall Tor?

Download free, open source OpenPGP encryption software:
Windows
Linux
macOS
iOS
Android

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

I use Openkeychain for Android. If you need help, feel free to pm me.

This solution has worked for me numerous times:

Back up your computer hard drive.

1. Go to Tor Browser/Bookmarks/Show All Bookmarks/Library.
   
2. Open Library menu, Import and backup your bookmarks
   

3. Select Backup and save the bookmarks*.json file to your Desktop folder.

4. Go to Tor Browser/Bookmarks/Show All Bookmarks/Library.

5. Open Library menu, Import and backup your bookmarks

6. Select Export bookmarks to HTML and save the bookmarks*.html file to your Desktop folder.

7. Download the Tor Browser installer: https://www.torproject.org/projects/torbrowser.html.en and save it to your Desktop folder, but do not run the installer program, yet, and do not install the freshly downloaded Tor Browser bundle, yet.

8. Download the Tor Browser sig file: https://www.torproject.org/projects/torbrowser.html.en and save it to your Desktop folder, but do not run the automatic sig program, yet. Note: the sig file will not run unless OpenPGP encryption software already is installed on your system. (See Footnote 1, installing OpenPGP encryption software.)

9. Double-click the sig file to run the automatic program. It will verify whether the downloaded Tor Browser bundle is authentic. Successful verification will display in a panel as Full Trust or similar wording. Note: the sig file will not run unless OpenPGP encryption software already is installed on your system.

10. Quit your original Tor Browser and disconnect your computer from the Internet.

11. Delete your TorBrowser-Data folder. For example, on a Mac computer, locate the folder at ~/username/Library/Application Support/TorBrowser-Data/

12. Restart your computer

13. Open the Tor Browser installer program that you previously downloaded and saved in your Desktop folder. Install the Tor Browser to replace your original Tor Browser.

14. Go to Tor Browser/Tor button/Security Settings...

15. Move the Tor Browser Security Settings slider to Low

16. Go to Tor Browser/Bookmarks/Show All Bookmarks/Library.

17. Open Library menu, Import and backup your bookmarks

18. Select Restore to restore the saved bookmarks .json file, or select Import Bookmarks from HTML... to import the saved bookmarks .html file.

19. Quit Tor Browser

20. Reconnect computer to Internet

21. Start Tor Browser to connect to Tor network.

22. Go to Tor Browser/Tor button/Security Settings...

23. Move Tor Browser Security Settings slider to High

Recommendation to help optimize online anonymity and circumvent ISPs that attempt to block Tor connections —

1. Go to https://bridges.torproject.org/options
   
2. Select Do you need a Pluggable Transport? obfs4
   

3. Do not select Do you need IPv6 addresses?

4. Select Get Bridges

5. Enter the Captcha characters

6. On your keyboard, press <return> or <enter>

7. Three obfs4 bridge addresses automatically appear in window.

8. Completely copy, from beginning to end, the three obfs4 addresses.

9. Go to Tor browser/Tor button/Tor Network Settings...

10. Select My Internet Service Provider (ISP) blocks connections to the Tor network.

11. Select Enter custom bridges

12. Beneath Enter one or more bridge relays (one per line), paste the three previously copied obfs4 addresses.

13. Select OK to connect to the Tor network

Footnote 1, installing OpenPGP encryption software:

macOS — https://gpgtools.org/

macOS — https://gpgtools.tenderapp.com/kb/how-to/first-steps-where-do-i-start-where-do-i-begin-setup-gpgtools-create-a-new-key-your-first-encrypted-mail

Linux — https://ssd.eff.org/en/module/how-use-pgp-linux

Windows — https://ssd.eff.org/en/module/how-use-pgp-windows-pc

iOS — https://itunes.apple.com/app/ipgmail/id430780873?mt=8

Android — https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain&amp;hl=en

GCHQ is not well known in the US general population. This is ironic when one considers GCHQ uses mass surveillance to scoop up and save in immense GCHQ databases the Internet and phone data of the American and other national populations. Americans who makes phone calls and use the web should know the meaning of the words GCHQ Bude, but most don't.

Americans should know GCHQ gives to the NSA the personal and cyber data of the American population, but most don't. Americans should know this arrangement between the NSA and GCHQ, which aids the NSA in its efforts to circumvent US privacy laws and the Fourth Amendment of the US Constitution, but most don't. Astonishingly, or not, most Americans don't even know the meaning of NSA Utah Data Center.

I think many American web users don't use free open source PGP encryption software because they don't have the will to sit down and read for a few hours the instructions to download, install, and begin using PGP to preserve their privacy. In my opinion, reading about PGP and the difficulty of downloading installing, and using it are on a par with the difficulty of reading and understanding a history, math, science, or language five-day course in the 6th, 7th, or 8th grade in a good public school in Germany, United Kingdom, China, or Japan.

I think one ingredient that contributes to widespread apathy in the US about using PGP and other tools to preserve privacy is the "dumbing down of America", the long-term engineered US public school program, which aims to make the US general population obedient and subservient to their elected and appointed masters who run American government operations and the new 21st Century Wall Street Pharaohs, who are the true masters of America's Democratic-Republican Duopoly, the media, and 100s of millions of trained, obedient, and dependably predictable consumers and ~~supporters~~ ~~voters~~ pinnipeds in the USA.

Today, many, if not most, high school and college graduates in the US probably cannot pass this 1912 Eighth Grade Examination for Bullitt County Schools, Kentucky, USA. In 1912, many eighth-grade children who passed the examination would receive scholarships to go on to high schools. Archived exam document, 1912 Eighth Grade Examination for Bullitt County Schools.

Download free open source PGP encryption software to encrypt emails, files, and other data: OS X, Linux, Windows, iOS, Android

PGP email encryption cannot be cracked by any government agency unless they come in your home, sit down at your computer, and read your clear text emails. PGP is the cat's meow. You will be in the catbird seat if you and your email correspondents use PGP to encrypt your incoming and outgoing emails. Additionally, you can open a free open source PGP-encypted email account at ProtonMail.com. ProtonMail servers are deep underground in Switzerland, which has the best privacy laws of any country.

Free open source PGP encryption, download:

• OS X https://ssd.eff.org/en/module/how-use-pgp-mac-os-x
• Linux https://ssd.eff.org/en/module/how-use-pgp-linux
• Windows https://ssd.eff.org/en/module/how-use-pgp-windows-pc
• iOS https://itunes.apple.com/app/ipgmail/id430780873?mt=8
• Android https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

Use the Tor browser instead of an Internet browser. By default, the Tor browser does not enable cookies. Tor does not reveal your computer's IP address, your location, or you identity to destination web sites, corporations, government agencies, or cyber criminals. You remain anonymous. In Tor network settings, if you enable the option to use a Tor obfuscated bridge, the Tor browser camouflages your connection with the Tor network, and your Internet service provider cannot see you have a connection with the Tor network. When you use an Internet browser, a destination web site, corporations, and government agencies can see your computer's IP address, which they can use to determine your home address and name. Every time you click a link, they can log and track your activities.

If you use an Internet browser to connect to web sites, a cyber criminal can get your computer's IP address. With that information, a cyber criminal can determine your home address and name. With that information, a cyber criminal can buy from sites on the deep web additional personal information, such as your date of birth and driver license number. With that additional information, a cyber criminal can buy from a site on the deep web a copy of your credit report. Using the information on your credit report, a cyber criminal can steal your identity and obtain new credit cards and charge accounts in your name.

Your email service provider, government agencies, and cyber criminals can intercept, copy, and read all of your unencrypted emails. If you use PGP open source free software for OS X, Linux, Windows, iOS, or Android to encrypt your emails, your email service provider, government agencies, and cyber criminals still can intercept and copy your emails, but they cannot decrypt and read your email messages.

You can use the Tor browser to open a YandexMail email account, which does not require your real name, email address, or phone number. You don't have to register a phone number to receive emails, but you probably will have to register a phone number if you want to send emails.

If you must use an Internet browser and cookies, such as when you log in your bank account, the best Internet browser for protecting your privacy is Firefox. Several Firefox add-ons protect your privacy and protect you from tracking to a very high degree, including NoScript, HTTPS-Everywhere, Self-Destructing Cookies, BetterPrivacy, Ghostery, and RequestPolicy.

If you log in a Google or YouTube account, if you have enabled "Block reported web attack sites" or "Block reported web forgeries" in Firefox/Preferences/Security, or if you have enabled Google cookies and do a Google web search, the Google PREF persistent tracking cookie and the Google NID persistent tracking cookie probably will install in Firefox. In similar fashion, those cookies probably will install in Google Chrome.

The NSA uses the PREF cookie as a surveillance beacon to track individual Internet users. PREF tracking cookie. NSA Turns Cookies (And More) Into Surveillance Beacons. NSA Hackers Help Themselves to Google's Cookies.

Firefox and Chrome users can remove and block the PREF and NID cookies: in Firefox on a Mac, go to Firefox/Preferences/Security. Uncheck "Block reported attack sites". Uncheck "Block reported web forgeries". Go to Firefox/Preferences/Privacy/Exceptions. In "Address of website", type google.com. Click Block. Click Save Changes. Go to Firefox/about:support. Click "Show in Finder". Your current Firefox Profile Folder will open in a Finder window. Locate the "cookies.sqlite" file. Delete it. Warning: deleting it will delete all browser cookies. Restart Firefox. Now, the PREF and NID cookies will not continue to re-install within seconds or minutes each time you delete them, unless you do some combination of the following: enable "Block reported attack sites", enable "Block reported web forgeries", log in a Google or YouTube account, enable Google cookies and do a Google search.

The Adobe Flash Player browser plugin, named ShockWave Flash in Firefox, installs a LSO flash cookie on the computer, which can be used to track users. This article identifies the folder location of LSO cookies on Windows Vista and Mac OS X. For years, cyber attackers have been exploiting the software vulnerabilities in Flash Player to infect millions of computers. The NSA and other spy agencies possibly are exploiting Flash Player vulnerabilities to track individual users and plant spyware in computers. Today, Flash Player is unnecessary. Many, if not most, videos on YouTube and other sites have the HTML5 file format instead of the Flash Player SWF file format. No browser plugin is necessary to watch HTML5 videos.

The following practices will prevent the FBI from reading your emails and web-surfing history from your service providers:

Use PGP encryption for sending and receiving emails. Even if the FBI grabs your emails, they will not be able to read the encrypted contents.

Use StartMail.com. After you click and read Why StartMail, About Us, and Privacy, you are very likely to want to begin using startmail.com now.

Use mail.yandex.com, which requires no phone number, email address, or other personal info to open a free email account.

Use Tor browser to connect to Tor network to connect to all web sites unless you have to log in a secure account, such as an online bank, that does not allow connections from the Tor network. I have at least one online bank that allows connections from the Tor network. I sign in and complete financial transactions. Configure Tor Privacy & User Settings to the highest level. Configure Tor Network Settings > My Internet Service Provider (ISP) blocks connections to the Tor network > Enter custom bridges. If you configure your Tor browser to use the obfuscated type of Tor bridges in > Enter custom bridges, your service provider and the FBI are unlikely to detect your connection to the Tor network. When you use Tor, your service provider and the FBI are unable to determine what web sites you use.

Configure Tor Preferences > Privacy > History > Never remember history.

Download and Install PGP encryption software:

OS X
https://ssd.eff.org/en/module/how-use-pgp-mac-os-x

Linux
https://ssd.eff.org/en/module/how-use-pgp-linux

Windows
https://ssd.eff.org/en/module/how-use-pgp-windows-pc

iOS
https://itunes.apple.com/app/ipgmail/id430780873?mt=8

Android
https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

I've got problems with v2, too. I don't know fix. Tails fails to start successfully from USB disk on iMac after upgrade from v1.8 to v2. r/tails posts show many having issues since v2 release. Recommend you and other Tails users having issues with v2 please take time to send clear, concise bug report to Tails bug squad: . Use Tails' suggested format for writing report: Tails does not start. Hopefully, Tails will include fixes in next Tails release. I have sent report. Hope you do, too. Regards

If you need to send bug reports outside of Tails, look at mail.yandex.com webmail, which requires no ph# or email address to register. Encrypt and sign text and attachments in email messages with PGP. Download and install PGP: OS X, Linux, Windows, iOS, Android

I use long passphrases for online logins and individual files and folders on my HDD - the longer the better. After you start Tails, if you have a Tails encrypted persistence volume, the passphrase you use to log in Tails opens your Tails encrypted persistence volume unless you previously used an app in the Tails Applications menu to use a different passphrase to open your Tails encrypted persistence volume. When you quit Tails, Tails automatically re-encrypts the encrypted persistence volume.

A passphrase will be unbreakable for 2-100+ years depending on the length of your passphrase. The longer the stronger. If you use a long passphrase, the NSA and GCHQ might need to use 50+ supercomputers 24 hours per day for 50-100+ years to open your Tails encrypted persistence volume. Of course, if you are really paranoid, like the directors and other employees at the NSA and GCHQ, you can use a passphrase to encrypt individual files when you are in Tails. When you quit Tails, the encrypted persistence mechanism will encrypt the encrypted persistence volume itself. In that case you would have individually encrypted files inside the Tails encrypted persistence volume. The NSA and GCHQ might require centuries or a thousand+ years to decrypt such content. I would bet that people who live in the White House are well versed in all of this and use it when sending personal emails to boyfriends, girlfriends, saving personal files, etc.

I highly recommend using a free, open source OpenPGP encryption application to encrypt quickly and easily FILES and to encrypt and decrypt automatically EMAILS that you send and receive. Download and install the OpenPGP app for your system:

OS X https://ssd.eff.org/en/module/how-use-pgp-mac-os-x

Linux https://ssd.eff.org/en/module/how-use-pgp-linux

Windows https://ssd.eff.org/en/module/how-use-pgp-windows-pc

iOS https://itunes.apple.com/app/ipgmail/id430780873?mt=8

Android https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain

I highly recommend using startmail.com when you want to send emails that no spy can trace back to your computer IP address or you. The header in startmail.com emails never includes the sender's IP address or any other info that can identify the sender or the sender's location. The header only identifies that the sender is a startmail.com email server. StartMail gives you the option to send email in plain text or encrypt your emails with OpenPGP 4096-bit RSA encryption: https://www.startmail.com/

I highly recommend using the eu.ixquick.com Internet search engine for ALL Internet searches. eu.ixquick.com Internet servers are in the Netherlands beyond the legal jurisdiction of the US FISA Court, the NSA, GCHQ, and any foreign government. Even if NSA operatives broke down the doors and hit heads to get to the email servers, they would find no data on the servers.

eu.ixquick.com email servers do not record or save any user information. They do not record or save IP addresses or any other information that could lead back to the user's computer and identity. The eu.ixquick.com servers use the highest level of encryption for your Internet connection to the servers. At this moment, the eu.ixquick.com servers are using the following encryption module to encrypt connections between your browser and the eu.ixquick.com servers: (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 128 bit keys, TLS 1.2). This is unbreakable HTTPS encryption like long passphrases are unbreakable. Of course, if you are using the Tor browser when you do an Internet search or connect with any web site, the Tor browser keeps you anonymous on top of the anonymity and encryption provided by eu.ixquick.com. Always use eu.ixquick.com for ALL Internet searches if you want your Internet searches to be 100% private, 100% anonymous, and you want the highest level of encryption in the HTTPS connection between your browser and the web site: https://eu.startpage.com/

I highly recommend using the Tor browser as much as possible when you are not using the Tor browser that is inside Tails. Many web sites are friendly to the Tor browser. Many Tor browser users can login their online bank accounts and other secure online accounts when using the Tor browser: https://www.torproject.org/

If an Internet spy reads one of your OpenPGP encrypted emails that contains the 2-word message eat breakfast, the spy will not be able to read the message eat breakfast. Instead, what the spy actually will read will be encrypted text, which will appear in the email literally as something like the following text except the text string could be 10+ times longer than the following text string because I had to delete most of the text string due to the fact that a reddit window popped up and stated that the length of the post exceeded the limit of 10,000 characters:

mQINBFHvzFYBEAC4ZfdhdtCYSTdmHknJWtct5fbc02qC4MjVKIY0pRixhMsgHssN GxWwsjyW5g1EL2AdcMsUZzz4rcxoNbzHM2QC9FHZ72TIPGjLVy42OsVLoqoz5UC0 D7+bFTR9Zri3apQM++96wWJw5G0mO0KiM6jAZPuDTgDcWSgdF74pCOkcZSdIEGHm XcI3Sf0HQRIVw5XZZKN5aFYCyRw4i1/ihnLfw51iNoTNp8H6rd5FybNzmrd/6iqU kptHsQsYUZTkWWo5H7U9O49RpYA7qIEZBplzCbc910F/3Mm5JoqtRSUrSvqxpXfI Yo2pAEf2VUxd5cMiP83zau3ovhNUnjQiEpITw5E9y1m46bT/f7LVRn/ORXdg00xG SAxPm8EkL98bIyoPoQZI/jeaKXuacfz7Ti2kK9clH+53s720gkpGQsRlHVyg4jn7 zd3SQE0eLHuK/ai7gmZBQyNBD1+91hV9d/ZjbXOXiH0D+t8UJHeARxSNO0klUReG 4t881JHjZtHRpcBCuNCgUmhlM7khEUY5dwb805ewLOrixv3zNR4+MsZyN86q3qK/ MnaY/OybJqt/cHuHzx+veWMSDY0Oml96DCYv08Niu1rXVHN4pL4eroJ3GwSmTZKc WWM0uiaJzHvIhmSB7YidUdr0Ys3foFkz59I6r3i/4gIsfPRXGoTS5jKCSQARAQAB tCVUYWlscyBidWcgc3F1YWQgPHRhaWxzLWJ1Z3NAYm91bS5vcmc+iF4EEBEKAAYF AlULH+0ACgkQI232nWf20bHq1QEA7GcWp8oTypZULg1L5ZrF50VjUT6392m017Bp NZ5hxTcBAN7mbwdFD+zKvj6ORxMp5J7zmw2RNpD2QuENS7hg+0QXiQEcBBABAgAG BQJTt91rAAoJEN1A8liqzgHpJxkH/1DMVinWopwezvQFtexG1dIWFiB/bd09Kz2i IcmTEUabjVVAWeHs+4+3hFyEQ/SXzZnuLt3Fa800QAqae+tpIcdfERW84+1oP29F eBUmj9XEvqkso3a97t8wQVbHCTU1CIUvTIMLAtJbDxqmL/Nsu14QqEkdAv8BLCNL p83eVqka6gUvcRrrJiKjT3RUsZoYf9b2MSaB8WDGnKgzXEwk3XCLgdvVMkogclek qR5TDFrOBZaiM3kb++HIB8q5RgGYAo/BjIUeZKuhgTGCJj2CPV8dlWL/2fTU2HTM YBEUQfzEwhYAxsoE1x54NlqR7QssBZIUT+qBR7GLwklbBoe1KR6JARwEEAECAAYF AlO5FYcACgkQ6sXr8HqpwqPqIgf8CvmhyrVfj6xauR8x+k2fB4yau5/w1gt9HcXB /Aw+6MYHisM5YgpVq0sip1pLrnjGSeiNecxhiHRUFYrlSaQSbqSKRzNKfmD3/zPO GT4WPx6wbmEhxkDy6z8xMwqNUMTp0royznmuYcaq0KSuzQc+BtN2LOtkNlTrexI1 pnQXwU5LVzhjlI2OKNG8wrskV7otOSJMDXbiHhYYy519U0TQOpOMcI0rLpTr4WYW 7x7gL1bsEShQh16qbj0VbkYI+bVis7poN33Ur5PplWjDU1vDuutD2BWU5tqgayUY vo2CBFZlSoDfLxIIcFe7cqqUtImLYv6FUV8GWnT6f3NHdVx0qokBHAQQAQIABgUC U72q/gAKCRADz0oKs8eaY+yVB/

Openkeychain https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain