[hawkharris]

Interesting post. As someone who thought GPG (more or less) encrypted messages with public keys and decrypted them with private ones, I enjoyed learning how the software actually works at a high level.

As an aside, I recently set up encrypted email for my Mac's desktop Mail client using the GPG Suite. I want to set up my friends with secure email, too, but none of us really use Mail; we prefer web mail. I haven't been able to find good browser plugins for GPG. (WebPG for Chrome looks promising except for a major bug that prevents messages from being sent; I reported this issue.)

Can anyone recommend good solutions for bringing GPG to Gmail in the browser? I want something that's easy enough my non-technical friends will be willing to use it for everyday conversations.

[tokenizerrr]

https://code.google.com/p/end-to-end/ is made by Google. It's not done yet, though. I've tried out the alpha and it seems very promising.

[hawkharris]

This is very cool. I just compiled the source and it seems to be exactly what I'm looking for. I get an "undefined is not a function" error, though, when I try to import a key or send a message. I'll hang in there and wait for fixes or maybe try to contribute myself. Seems like the best option available at the moment.

[koto1sa]

That's this bug: https://code.google.com/p/end-to-end/issues/detail?id=121 , it will get fixed after weekend.

Disclaimer: I'm a member of E2E team.

[tokenizerrr]

As a member of the E2E team, is it possible to provide some insight into the state of the project? Is there any kind of estimate as to when it might appear on the chrome store?

[koto1sa]

As vague as is may sound, once we feel it's ready. The development is active, but there is still a lot of work to make the project release-ready. You might help too - we started accepting external contributions recently and the project is covered by the bug bounty.

[tokenizerrr]

Fair enough, thanks for the info.

[joshzayin]

Please file a bug report so that the issue can get fixed: https://code.google.com/p/end-to-end/issues/list

[lozf]

Do people who encrypt their Gmail get targeted ads for MjJlNzE4ZTNlMTA2NWE0ZjBlODk5MTMyNDY2NGJiYjg3ODFkYmY0NDk4MzY0MTQ1ODZhNzM0NjVlOGQwOTI2ZA?

[Istof]

Google keeps the key, but only for advertising purposes...

[Istof]

the down-votes won't change my mind since this is their business model

[hawkharris]

I don't mind those targeted ads. What annoys me is the spam about enlarging my FkYmY0NDk4MzY0MTQ1ODZhNzM.

[e12e]

Very disappointed after tracking down[1] and doing:

   alias rot13="tr '[A-Za-z]' '[N-ZA-Mn-za-m]'"

and still only getting gibberish out the other end of the pipe (lame pun intended). I thought you were talking about stuff like Xrrc lbhe ybirq bar cyrnfrq.

[1] http://www.commandlinefu.com/commands/view/1792/rot13-using-...

[ecesena]

Another option could be SMIME. If it's just for playing around, you can have fun setting up your own CA for your friends ;)

[diasp]

For non-technical friends you can use https://encrypt.to/

[replax]

you can try https://www.mailvelope.com/ even though they are not fully stable yet, their product seems very promising!

[mentat]

WebPG is pretty solid though not totally passive.