OpenPGP: How to Protect Everything with Pretty Good Privacy
Did you know that the technology Edward Snowden used to safely get in touch with journalists was available more than two decades before he blew the whistle on the NSA’s global surveillance and domestic spying campaigns? Way back in 1991, Phil Zimmerman released a program called Pretty Good Privacy, or PGP for short, setting the bar for almost every other “end-to-end encrypted messaging” tool for the next twenty years. Today, this same technology is freely available as the OpenPGP standard, and it’s what companies like Keybase and ProtonMail built their own privacy-enhancing products with.
There is OpenPGP-compatible free software for practically every electronic device and platform, making it arguably the most ubiquitous and most important digital privacy tool ever created. Maybe you’ve already heard about it in the context of “encrypted email,” but did you know that you can also use PGP to add encryption to services and Web sites that don’t already have it? For example, you can use PGP to keep your Twitter or Instagram DMs private. But wait, there’s more! You can use it to password-protect files so that Google or Dropbox can’t read them. You can use PGP to detect spoofed messages, inauthentic files, and corrupted downloads. Since OpenPGP was designed to be a generic cryptosystem capable of protecting arbitrary information, you can even use it to devise more complex secure sharing scenarios like requiring two (or more!) people to act in unison before they can take an action, almost like turning the keys to activate a missile launch.
In this workshop, the Tech Learning Collective’s cybersecurity instructors will help you get up and running with OpenPGP on (almost) any computer you’re using, including handheld devices. You’ll have the opportunity to practice generating keys, encrypting messages in both symmetric and assymetric schemes, and verifying digital signatures. By the end of the workshop, you’ll understand not only how PGP works, but how to use it to work through almost any digital privacy problem you will ever encounter.