Keeping communications private in the age of Big Brother (a practical HOWTO)
I have decided to share with you something which I originally sent out to the key members of the Saker community: my recommendation on how to keep your private communications private in the age of “Big Brother” aka NSA, ECHELON, GCHQ, Unit 8200, etc. I have been interested in the topic of encryption for many years already, and I have had to use encryption techniques in the past to protect myself from snooping by indelicate employers. There have also been some discussions inside the Saker community of what did and did not work for us. I have now come to the conclusion that there are two services out there which I feel I can recommend to our entire community, one for emails and another for messaging/audio/video/file sharing. Why two different services rather than one?
The truth is that the confidentiality issues with email are unique and require a unique solution. Typically, emails are designed to remain kept on some kind of storage device whereas most telephone calls or video conferences are not recorded (at least not by the participants).
Let’s look at these two issues separately.
ABSTRACT: if you want to protect your communication from any kind of snooping, including government snooping, the most reliable and advanced solution currently available are:
For your emails: Prontonmail https://protonmail.com/ (free of charge)
For your messaging/telephone/video/filesharing needs: the Silent Phone app for Android and iOS https://www.silentcircle.com/products-and-solutions/software/ ($9.99/month)
Protecting your emails with Protonmail:
Protonmail is a Swiss company whose history is well described in this Wikipedia article: https://en.wikipedia.org/wiki/ProtonMail. I won’t repeat it here. I will just say that with Protonmail your mailbox remains encrypted in such a manner that even the managers and technicians at Protonmail cannot access it. Here are a few videos which will give you more details:
Quick Introduction To ProtonMail and ProtonMail Plus:
ProtonMail – Is this The alternative email we’ve been looking for?:
Protonmail and Encryption – A Re-visit:
Protecting your messaging/telephone/video with Silent Circle’s Silent Phone:
Unlike Protonmail which deals ONLY with emails, Silent Circle’s software (called “Silent Phone”) which can be installed on any Android or iOS smartphone, protects your instant messaging, your telephone conversations (audio), your video conferences and even allows you to securely send your files up to 100MB in size. However, while the Silent Phone software is free of charge for download, you will have to pay $9.99 a month to get all of the following:
- Unlimited Worldwide Secure Voice/Messaging between Silent Circle Members
- Up to 100MB File Transfer
- Full Burn Functionality
- Video Calling
- Conference calling for up to 6 callers
- Direct access to Technical Support
- Available on iOS, Android, and Silent OS
You can check all their fancy marketing materials here: https://www.silentcircle.com/
Here is the Wikipedia article about them: https://en.wikipedia.org/wiki/Silent_Circle_(software)
This is the link to their software solution: https://www.silentcircle.com/products-and-solutions/software/
And this is the link to their White Paper: https://www.silentcircle.com/enterprise-cybersecurity-white-paper/
Finally, here are some of their case studies: https://www.silentcircle.com/wp-content/uploads/2017/01/SilentCircle_Case-Studies.pdf
This is all very slick and could hide anything, right? Actually, no. What makes their offer so interesting is that it is based exclusively on open source code which is publicly available. Why is that important? For two reasons: first, they cannot hide some backdoors in the software. But second, even MUCH more important, is that the best encryption algorithms are NOT the secret ones that nobody can check, but the public ones which everybody can check. This is long to explain, but please trust me. The level of confidence which you can have in the technologies used in Silent Phone are about as good as it gets. Not perfect maybe, but very very close.
[If you are interested in the details, I can explain to you one on one why you ALWAYS want to make use only of open sourced encryption technologies (You can find out about the protocols and algorithms used by Silent Circle here: https://www.silentcircle.com/products-and-solutions/technology/zrtp/)]
You might notice that both Protonmail and Silent Circle (the company which makes the Silent Phone app) are located in Switzerland. This is not a bad thing since Swiss laws about privacy are pretty good. However, this is not the reason why you can trust these products. In fact, in the past the Swiss have worked with the US CIA to sell the Iranians encryption devices with backdoors. The current Swiss government is as pro-USA as any other. No, the reason why I like these is that Switzerland has some of the best cryptologist on the planet (even if very few people know about this). In fact, the technology for Silent Phone is so secure that even the US government had to certify it for governmental use (in spite of it being open source, which tells me that they don’t have much better): http://www.zdnet.com/article/silent-circle-phone-app-cleared-for-us-government-use/
I hope that this reference to the US government does not freak you out. If it does – relax, Silent Circle was co-founded by Phil Zimmerman, the man who single handedly forced the US government to give up trying to keep a monopoly on military-grade encryption (read about him here: https://en.wikipedia.org/wiki/Phil_Zimmermann).
Here is a keynote presentation by Zimmerman
and here is an interview with him:
In other words, his “I do not work for the NSA” credentials are the best on the planet.
By now you must be wondering if I am working for Silent Circle or whether I have bought shares in their company. Don’t worry, I did not. I am only writing to let you know that I think that this product is fairly secure and very reasonably priced. I know of no better one. Just think of it – worldwide unlimited calling (including VIDEO!) for 10 bucks is already a halfway decent deal. But with rock solid encryption it becomes very good.
There is one important caveat which you have to keep in mind: Both Protonmail and Silent Phone are truly secure only if BOTH people communicating are using them (from Protonmail to Protonmail email addresses or from Silent Phone subscriber to Silent Phone subscriber). Likewise, the $9.99 suybscription costs with Silent Phone only covers all communications between Silent Phone subscribers. You *can* call a non-subscribed number, but it will not be secure and you will pay international calling rates.
Also, if you get Silent Phone, you will be given 2 options: a) to use a username only b) to pay 2 dollars a month for a dedicated phone number. Since using Silent Phone only really makes sense if used between two Silent Phone subscribers, I recommend you forgo the extra cost for a dedicated telephone number unless you really need it (depending on your usage of your telephone).
Here are a few short videos showing how Silent Phone works on Android (for iOS go to the Silent Circle YouTube channel):
Calling and Conference calling
Logging and Setting:
We live in complicated and, frankly, dangerous times. Having personally worked in Electronic Warfare (EW), Communication Intelligence (COMINT) and military intelligence in general, I believe that the ability to keep communications secure is absolutely crucial for most people. Until recently, the kind of technology which could protect you from government (or corporate) snooping was simply too complex to be used by most people (keep in mind that bad encryption is much worse than no encryption since it gives you an illusion of security!). Even software like the famous PGP/GNUpg were not that easy to use and required a fairly solid understanding of the technologies used. Nowadays we are lucky that we can use VERY sophisticated services with do not require that kind of expertise from us. But then, you might ask, how do we know that we can trust them? There are two replies to this. We can trust them because
- all the technologies used by these services, including source code, protocols, algorithms, etc, are fully “open source” meaning that they are available for download and audit. Not by you or me, but by colleges, institutes, corporations and even governments worldwide. For encryption that is the highest standard of security: when everybody can see your code and check it for flaws.
- because all these services are regularly audited by entities we can trust, such as the Electronic Frontier Foundation (EFF) which, for example, reported this “scorecard” for Silent Phone:
If you are an active member of the Saker Community (author, researcher, translator, computer tech, editor, etc.) I STRONGLY recommend that you use both Protonmail and Silent Phone. If you are not a member of our community, I recommend that you at least use Prontonmail. If you make a lot of international calls to trusted relatives, friends or colleagues, I also STRONGLY recommend use sign up for the Silent Phone subscription as for $9.99 you get unlimited worldwide and high-quality audio (telephone) and even video everybit as good or better than Skype or Whatsapp. And it happens to as secure as the best government/military grade communications.
Finally, three final and minor points:
First, let’s imagine that some government agency (Swiss, American or other) comes to Prontonmail or Silent Circle and orders them to have them over all your communications (as has happened already so many times): neither Prontonmail nor Silent Circle will be able to comply, not because of bad will or some heroic resistance to pressure, but because they will NO ACCESS to your data: in the case of your mailbox, it will be completely encrypted and only you will have the capability to decrypt it, and in the case of Silent Phone the encryption used is one between end-user to end-user which is NOT shared with Silent Circle in anyway and as soon as you hang up it is also erased.
Second, the company Silent Circle also manufactures a real “physical” phone, called the “Blackphone 2“. It was a failure, don’t bother with it. I don’t want to discuss the reasons for that, but just ignore that option which simply does not work too well and has major problems.
Third, I want mention something crucial here: both Protonmail and Silent Phone offer the option to destroy your email, message, of file after a specific delay. In other words, you can configure these two services to destroy everything which you ever send through them. So by the time somebody tries to get that data it will already have vanished. So even though your Protonmail mailbox is heavily encrypted and even though Silent Phone exchanges encryption keys only between end-users (p2p), you have that additional level of security of having all your data self-destruct after a pre-sent time/date.
That’s it. Please don’t bombard me with questions about these technologies and products. If you do your own research and just follow all the links above you should get all the info you need. Right now I literally don’t have the time to do more about this than share the above with you. And just to make thing worse, I currently have a painful gout flare-up which makes it hard for me to sit and type. If you still have questions, ask them in the comments section and the more tech-wise will probably help you, but first please make sure that you do your own research. The geek community refers to this as RTFM or Read the “French” Manual 🙂 Also please do take the time to watch the videos above, they are very informative.
I hope that the above has been useful and that at least some of you will decide to at least try out these two outstanding service.
Good luck, kind regards,
We have collected some links to sites providing solutions for sending secure email, secure one-time messages, and secure instant messaging, and encrypting files to send through email.
Infoencrypt is a free, web-based service for easily securing your messages. Simply enter the text of your message and the encryption password that will be used for both encryption and decryption. The program encrypts your message using a strong encryption algorithm, making it secure to send. Anyone who intercepts the encrypted message without the password will not be able to read the original message.
Infoencrypt does not require installation on your PC.
SafeGmail is a free extension for Google Chrome that allows you to send encrypted emails to anyone. The messages are encrypted and decrypted within the browser and remain encrypted in both the sender’s and receiver’s email inboxes. The messages also automatically expire after a random amount of time.
SafeGmail works with any recipient email provider. For more information about using SafeGmail, see our article.
RMail allows you to easily send emails with end-to-end security and compliance. Send encrypted email from your current email address (10 free messages allowed per month) and automatically receive a Registered Receipt™ record proving encrypted delivery and compliance with open tracking.
Sendinc is a web-based service that makes it safe and simple to transmit sensitive information via email. You and your recipients can use Sendinc for free. No software is required.
Sendinc secures your message by ensuring that your data remains encrypted from the time it leaves your computer through the time your recipients retrieve it. At no point in the process is your message data transmitted or stored in an unencrypted format. Sendinc further ensures the safety of your messages by verifying your recipients are in fact your intended recipients.
Messages are encrypted with a powerful randomly-generated encryption key that is emailed to your recipients in the form of a link. Sendinc does not save a copy of your recipients’ encryption keys and your message can not be decrypted without the key – not even by Sendinc. This means only your recipients can decode the message data.
Hushmail is a secure web-based free email service that looks and feels just like any other web-mail site, but adds strong encryption to your emails to protect your secrets from prying eyes. It uses standards-compliant encryption and provides mobile access (Android, iPhone, BlackBerry, etc.).
Paid plans are also available that provide additional storage, unlimited email aliases, dedicated technical support, and desktop access.
Lockbin is a free web application for sending private email messages and files. Lockbin ends message persistence, which means your email message will not be backed up on email servers or stored in backup files. Network sniffers can also spy on your email traffic while in transit. Use Lockbin to obscure the content of your message and avoid these hazards to your privacy.
No registration is required to use Lockbin. Your message and file attachments are protected by strong AES-256 bit encryption and your secret password. You invent the password and deliver it to the recipient using a different secure method, not email.
The free plan allows one user to send secure messages with secure file attachments up to 15MB. Files are stored for up to one month. You can also download free Lockbin Java desktop software and a free Microsoft Outlook add-in for sending and receiving Lockbin messages. There are also paid plans providing more features and allowing for larger limits on file attachments and for more users
iSafeguard is a software package that provides easy-to-use and highly secure encryption and digital signature solutions for everyone from big companies to individual users. The software allows you to sign and encrypt files, folders, and emails and verify digital signatures and countersignatures. It provides a secure text editor and allows you to wipe files, folders, and free disk space. It also integrates with the Windows shell.
The freeware edition of their software is for non-business, individual users. Although it lacks some of the features the enterprise and professional editions have it does provide powerful encryption and digital signatures capabilities, and security is as strong as the enterprise and professional editions.
All editions support using certificates from any Certificate Authorities, and handle certificate status checking automatically.
Sbwave Enkryptor is a free service that encrypts text messages for email delivery. The encrypted email is entered and sent via a web form. The recipient receives the encrypted message in a similar form, then simply enters the encryption code you chose and the message is decrypted.
There is no software to install, nothing to sign up for, and no ads attached to the messages. The service requires an encryption code that both you and the recipient know and a mail client that understands HTML such as Outlook Express, Netscape Messenger, Hotmail, NetZero, Lycos or any number of free email systems.
Safe-mail is a highly secure communication, storage, sharing and distribution system for the Internet. It provides email, instant messaging, data distribution, data storage, and file sharing tools in a suite of applications that enables businesses and individuals to communicate and store data with privacy and confidence. Every application is secured by state-of-the-art encryption ensuring the highest level protection and privacy to users. Within the overall system as with each application, security is not an add-on feature but has been designed into the fundamental architecture of the system.
The system is available at any time and from any location using any device or operating system, be it PC or Macintosh, Windows or Unix, Sun or i-mode enabled wireless device.
Safe-mail’s free service contains ALL the functionality of the Safe-mail system but is limited to 3Mb of storage space, less names in the address book, less folders, filters, smaller mail quota and reduced frequency of backup. To increase access to these resources, they offer a range of Premium Services.
There are no advertisements, downloads or cookies. Safe-mail supports most hardware platforms and any operating system. Includes file storage, spam filters and anti virus protection. Full compatibility with most browsers, email clients and all relevant protocols including POP, SMTP, IMAP, S/MIME and Public Key Infrastructure (PKI).
Enigmail is a security extension to Mozilla Thunderbird and Seamonkey. It enables you to write and receive email messages signed and/or encrypted with the OpenPGP standard. Enigmail can also be used with Eudora OSE and Postbox (using a Postbox extension).
Enigmail is an email plugin. It cannot be run by itself. You need to use one of the supported email clients, the GNU Privacy Guard (GnuPG), and a little patience. You may also need to install the proper Enigmail language pack.
Comodo Free Secure Email Certificate
Comodo Free Secure Email Certificate allows you to protect your digital communications. The digital signature ensures confidentiality and provides secure message encryption with up to 256-bit security. The Comodo Free Secure Email Certificate is free for personal use, integrates with Microsoft® Office and major applications, and is trusted by popular email clients.
Email certificates provide the strongest levels of confidentiality and security for your electronic communications by allowing you to digitally sign and encrypt your mail and attachments. Encryption means that only your intended recipient will be able to read the mail while digitally signing allows them to confirm you as the sender and verify the message was not tampered with en route. Comodo’s email certificates are free for personal/home users and are available from as little as $12 per year for business users.
Mobrien.com offers a free encrypted email service that transmit your email text message in an encrypted form so that it cannot be parsed for key words while en route. What happens once it is stored on the receiver’s computer is up to them and the protective security measures they have enabled.
Your e-mail remains encrypted from the time it is sent and until it is received and decrypted by the intended recipient. The recipient automatically receives instructions for decrypting messages. No unencrypted message is transmitted across the internet.
Between transmissions, when your e-mail is stored on mail servers, the message remains encrypted and the content cannot be “sniffed” for specific key words, which is the manner in which email “eavesdroppers” select the emails they want to read.
Using Mobrien.com’s encrypted email service, there is no need to exchange passwords or complex public key details with encrypted email recipients. The recipients are automatically sent instructions for deciphering the encrypted email. Sending an encrypted email message using Mobrien.com is as simple as sending an ordinary email with a web client. Other email encryption methods require the sender and receiver to exchange public keys which is complicated, inconvenient, and not very practical when spontaneously sending encoded email messages.
SafeMess allows you to encrypt any message text in a few seconds. After the encryption is done, your message will appear unreadable to the human eye. Then you can send your message to a friend or save it to a file for later use. Your friend will only be able to read the message if he or she enters the secret password that you have chosen.
SafeMess can be used on any message and is suitable when the communication is done via an unsecured channel (like mail, IM, chat, etc.) or when you want to hide information from robots or filters.
The encryption script always runs locally in the browser on your computer. Therefore, your secret password and message will never be sent over the Internet to the SafeMess server.
Currently, you cannot encrypt more than 32 kilobytes of data (that is more than 10 printed pages of text) using SafeMess. All character sets are supported, including US, European, Cyrillic, Chinese and Japanese as long as the browser has support for UTF-8 encoding.
Crypto Anywhere is a program that is small enough to fit on a USB flash drive, providing free secure email on the go. Don’t have a computer yourself but want to protect your web based e-mail at your local internet cafe? Crypto Anywhere is for you. If you run Crypto Anywhere from a USB flash drive, you can encrypt your email without even installing software on your workstation. With Crypto Anywhere you can send and receive secure email to and from anyone with an email account – the recipients do not have to have Crypto Anywhere themselves.
Crypto Anywhere is free for personal and corporate use.
Opolis Secure Email Service
Opolis is a high-security email service. Combining the latest E-Mail security technologies, Opolis transmits, processes and stores all your confidential messages in encrypted mode. Accessible from all over the world, Opolis operates on your PC in parallel to standard email applications, such as Microsoft’s Outlook or Apple’s Mail. The Opolis Mail Client runs on any machine and does not require any specific configuration.
Opolis is a fully integrated service provider for all your confidential emails, combining a global infrastructure, server systems, backup facilities, storage and customer service.
Mailvelope is an easy-to-use Chrome extension that offers free, OpenPGP encryption for the most popular webmail services. It comes preconfigured for major webmail providers (Gmail/Google Apps, Outlook, Yahoo! and GMX) and integrates directly into the webmail user interface. It can also be configured to support other webmail services.
A Firefox version of Mailvelope is currently in development. An early preview can be found in the GitHub repository.
Trend Micro Email Encryption Client
Trend Micro Email Encryption Client is a plug-in for Microsoft Outlook that enables secure, confidential and private email communications between you and any of your Outlook contacts.
Since regular email is transmitted “in the clear,” it is vulnerable to interception and eavesdropping on the internet and by online email providers such as Gmail, Hotmail and Yahoo! Mail. Safe, secure, and free for non-commercial use, Trend Micro Email Encryption Client ensures that no one except you and your recipients can read your encrypted email messages and attachments.
Simply click the “Send Private” button from Outlook to encrypt your email message and any attachments with 256-bit AES, the same encryption standard approved for used by US government agencies.
Crypt4Free is a free program that allows you to encrypt every kind of file on every kind of medium, whether floppy disk, removable hard drive, zip drive, tape drive or other, using the proven encryption algorithm, DESX. It offers full .zip support, providing the ability to browse for existing .zip archives, extract their contents, and even create new .zip archives.
The program also allows you to send encrypted files and messages via the internet and to encrypt email text (or any other text message) to send it securely via e-mail, chat, or instant messengers like ICQ, AOL Messenger, Microsoft Messenger, etc. The recipient must enter the password to read this message.
Crypt4Free provides a user privacy tool that removes all internet traces, such as URL history, typed URLs, Favorites, Recycle Bin, typed passwords in web forms, etc. There is also a built-in file shredder that allows you to wipe the contents of the original, pre-encrypted file.
The company that offers Crypt4Free, SecureAction, also sells a program called Advanced Encryption Package Professional for $49.95. The program offers features not available in the freeware version, such as creation of self-extracting archives, integration with Windows Explorer, complete command line support, RSA algorithm support, and 17 additional encryption algorithms and 19 additional secure files erasure algorithms.
dsCrypt is an AES/Rijndael file encryption program with a simple, multi-file, drag-and-drop interface. It features optimal implementation, performance and safety measures. dsCrypt uses an advanced encryption algorithm and offers unique options for enhanced security. It is available as a small, self-contained, and dependency-free file you can run on your PC or on a USB flash drive.
Files you encrypt are converted into encrypted .dsc files. If you use dsCrypt to send a private message to someone via email, the recipient simply has to drag and drop a .dsc file onto the dsCrypt program window, type the correct password, and the file will be decrypted and made usable again.
MEO is file encryption software for Windows or Mac or Windows that allow you to encrypt and decrypt files of any type. Protect sensitive data against unauthorized viewers with the latest data encryption technologies to keep your documents safe and secure.
Use MEO to easily send encrypted emails, or create self-extracting encrypted files so the receiver can open the encrypted files on any Windows or Mac computer without needing to install the encryption software on their machine. MEO also provides context menu integration so you can encrypt files outside of the MEO program.
The free version is available for non-commercial use.
Encrypt Files is a free, lightweight but powerful program that allows you to encrypt your files and folders and password protect them. It supports 13 encryption methods. You have the option to shred the original files after encryption or to make the files hidden after encryption. The software must be installed on both the sender’s and recipient’s computers. When you encrypt a file, a new copy of the file is created that is encrypted, leaving the original file alone. You can then choose leave, delete, or shred the original file.
ThreadThat is a free web-based service that allows you to easily conduct online, bi-directional, passkey-protected, anonymous communication using secure threads in your own private, encrypted message center. A secure thread is a series of exchanges between two or more individuals arranged in one convenient continuous conversation that can be accessed with a single mouse click. There is no limit to the number of messages or files on a Thread and no limitation on the length of time the conversation spans. All messages and files are encrypted while in-transit and while at-rest and can only be accessed by other invited ThreadThat users. Threads only exist on ThreadThat servers, never on an end-user computing device.
ThreadThat does not require that you download and install any software and there is no advertising, games, SPAM, or malware.
Burn Note is a free web application that allows you to have private conversations online. Enter a note and protect it with a password. When you click Send, a link is generated. Send the link and communicate the password to the recipient. Once they have read the note, or the specified time period has passed, the note self destructs. The recipient can securely reply to your note.
Every message on Burn Note is automatically deleted and uses patent-pending technology to prevent copying. Deleted Burn Notes are completely erased from the Burn Note servers after a certain amount of time you specify, so it is impossible for anyone to retrieve them.
QuickForget.com is a free, web-based service that allows you to share secret messages that self destruct after a set amount of time. Enter a message and get a link you can share with the recipient of your message. You can set the number of views allowed and also the amount of time before the message self-destructs. Once a message is deleted, it is gone forever. If you try to access to access the message after it is deleted, a message displays, saying, “Sorry, I’ve already forgotten the secret.”
Privnote is a free service that allows you to send private message that self-destruct after being read once. You do not need to register or create a password. You simply write your note, click the red button to create a link, and then send that link to the desired recipient. When the person accesses that link, they will see the note in their browser, and the note automatically self-destructs. No one, not even the same person who viewed the note, can access the note again.
There is no time limit by which the link must be viewed or it will be self-destructed. The one feature Privnote has that OneShar.es does not is a check box that allows you to receive notification when the message has been read.
OneShar.es is a free service that allows you to share confidential information with others that you don’t want to send through email or post on instant messaging services. The information shared is encrypted from you to OneShar.es and stored encrypted. OneShar.es cannot read your information. It is assigned a unique URL that you can share. The provided URL can only be accessed once. Once someone visits the URL you send them, the information is unlocked so they can view it, and then the message is deleted. You can specify minutes, hours, or days by which the message will be self-destructed if not viewed. The maximum amount of time is 3 days.
OneShar.es does not require a password or registration and can also be used on Android and iOS devices.
How-To Geek previously showed you how to use OneShar.es to send self-destructing sensitive information to someone.
Steganos LockNote is a small, simple program that allows you to store private text in filessecurely. For example, if you purchase a download-only program, you can use LockNote to store the product key or serial number that goes with that program in the same folder, so you always know where to find it. The program works like Windows Notepad, but when you save the file, you’ll be prompted for a password.
In addition to using LockNote to store personal, private data, you can use LockNote to send someone a private message. Enter your message in LockNote, password-protect the message, and then send the LockNote file to your recipient via email. When your recipient opens the LockNote file on their PC, all they have to do is enter the password and they can read your message.
You can also add protection to the file by putting it in a secure, encrypted vault using an encryption program. We list some options for that later in this article.
For more information about using LockNote, see our article.
Free File Camouflage
Free File Camouflage is a free program that allows you to hide your files inside a jpeg image. The software can be used with the main interface or via the Windows Explorer “send to” context menu (the first time you only need to select a directory with some images).
All the files are encrypted using AES and hidden inside an image. If someone tried to open your camouflaged image, all they see is the image.
If you use this method to send someone a private text message in a file hidden inside an image, the recipient must use Free File Camouflage to de-camouflage the file. If sending the camouflaged image through email, we recommend that you add a password when encrypting the file into an image.
For more information about using Free File Camouflage, see our article.
The remaining two options for securing data allow you to create encrypted file vaults in which you can store private files. As long as your recipient knows the password required to open the vault, you can use this method to send private information to people via email. Simply attach the encrypted vault file to an email message.
If you are looking for a simple and powerful way to encrypt everything from system drives to backup discs to everything in between, TrueCrypt is a free, open-source tool that will help you lock up your files. It is an on-the-fly encryption application that allows you to work with encrypted files as you would work on files located on a regular drive. TrueCrypt allows you to create a virtual, encrypted disk within a file and mounts it like a real hard drive. Encryption in TrueCrypt is automatic and transparent, as well as real-time.
Once you have created your virtual, encrypted disk in a file, you can email that file. The recipient needs to have the TrueCrypt software installed and the password used to protect the file.
For more information, see our guides on getting started with TrueCrypt and hiding your data in a TrueCrypt hidden volume.
SafeHouse Explorer is a free, portable encryption program available to everyone as a free download in order to promote data privacy and to help you to protect your confidential files. It makes your secret files invisible and hides them from snoopers, intruders and anyone else who doesn’t have your permission to view them. Use SafeHouse Explorer to create private storage vaults to store sensitive files. These vaults can be as large as 2GB each.
SafeHouse Explorer uses passwords and maximum-strength 256-bit Twofish advanced encryption to protect your storage vaults, completely hiding and defending your sensitive files, including photos, videos, spreadsheets, databases and just about any other kind of file that you might have. The program can protect files residing on any drive, including memory sticks, external USB drives, network servers, CD/DVDs, and even iPods. SafeHouse Explorer is easy to use, providing a Windows Explorer-like drag-and-drop interface.
If you use SafeHouse Explorer to send someone private information via email, your recipient can access the SafeHouse storage vault using the free SafeHouse Explorer program. However, you can also create a self-extracting .exe encrypted storage vault that your recipient can simply run to open and access the files within the vault. Creating a self-extracting .exe file automatically includes the SafeHouse Explorer program in the storage vault file. When you run the file and enter the password, SafeHouse Explorer starts and the storage vault is automatically opened.
SafeHouse Explorer is a full featured program and will never expire.
Sophos Free Encryption
Sophos Free Encryption is a program that allows you to send encrypted data by creating password-protected archives you can send using most email programs. When you encrypt your data, the files are automatically compressed and the archives are automatically added to new email messages. Encrypted files can be self-extracting so recipients don’t need special software to open the file; all they will need is the password.
If you have discovered other useful methods of sending sensitive information through email, let us know in the comments.