Making Gmail more secure with Gmail S/MIME (Firefox Addon)
I haven't posted anything in a very long time. Not that I was ever gushing over with crap to discuss, but way more so than now. But I haven't had much in the way of inspiration recently, until now. Yesterday, I took about an hour out of my life, and gave in to my paranoia. I heard about Gmail S/MIME awhile back, but hadn't had the time or the patience to set it up. When I first glanced over the material, it looked a bit complicated and out of my grasp. I was wrong, mostly. It is complicated, and I don't 100% understand how it works, but I trust the science. AND, most importantly, it wasn't out of my grasp.
To start, you can find the addon at here. If you don't have Firefox, shame on you. Get it. If you're using Chrome, meh. Better than others, but that's another post. If you're using IE, step away from your computer, find a mirror, slap yourself, and watch the tears roll. You should be ashamed. I want you to think about what you've done. Anyway, you'll have to go through the typical addon install, including restarting your browser. Most people including myself, would think 'I'm done.' Not so. There are a few more steps. Slightly complicated, but doable. Trust me.
At this point, you have the engine, but no gas. You need to get your hands on an S/MIME email certificate. The addon authors web-page was very helpful here. About 3/4 of the way down this page, you'll see "Installing Gmail S/MIME," and the three step involved. I'll try to consolidate them here. The Mozilla post on getting your certificate can be found here. It's well written, and informative. But it might be a little much for most people. So I'll tell you what I did. Of all the suggested places, I chose Comodo. It was easy to get to and free. The free thing is not totally right. I think the certificates expire after 90 days, but I think you can get a new one free after that. I'll know in 89 days I guess. This is the current "Application for Secure Email Certificate." I imagine if you've read this far, you're capable of Googling "+Comodo +Secure Email Certificate" or something similar, if the link happens to expire. So, you fill out your app. Make sure to leave key size at high grade, and uncheck the opt in for the newsletter, unless you want it. When you're done, you'll receive an email. Read it carefully. It's important. You have to click the button that says "Click & Install Comodo Email Certificate."
Then, you're done. Well..not really. There's a bit more. First off, just so you know, this by itself, does nothing. In order to encrypt your messages, the recipient must also have a similar setup. If they don't, nothing will change. The email will be sent as usual. No harm, no foul. Assuming your Gmail is standard, and not modified with any addons, when you're composing your message, you'll see the little padlock. All of this is better illustrated at the addon site above, so I won't waste time. I use Google Redesigned, which I love, but doesn't quite work with Gmail S/MIME. When you're composing your message, you don't get the fancy icons, meaning if you are emailing someone else with similiar security, you can't opt out of the encryption. Big whoop. That's why I have it after all, right?
Okay. Last step. And it's only necessary if you use multiple computers. Each computer will need the addon installed. You'll also need the certificate, which is a little more tricky. You can't just reopen the email. For security reasons, you can only install it once. So...you need to export your cert. Don't worry, it's not that hard. In Firefox, go to Tools>Options. Then click on the Advanced tab. Then the Encryption tab. Then View Certificates. This opens your Certificate Manager. Click on the Your Certificates tab. My guess is that since your reading this, you'll only have one certificate here. Click on your certificate, and the grayed-out Backup option should become available. Click it. Choose a name for it, and a save location. I always use Desktop. It's just easier for me. Click save. At this point, it asks for a password. Use a good one, and one you'll remember. Assuming everything goes well, you'll get a confirmation saying it was saved. Some addons will cause an error. You won't be able to backup. No biggie. Just start Firefox in safe mode, and repeat the steps. It'll work now. So, you have your cert. My suggestion now, is place it on a portable drive of some kind. I have a handy-dandy 4gb stick I carry with all my "tools." Once you've got it on there, delete the copy you just saved on your comp. It's dangerous to leave your certs just laying around. Place your cert on the other computer you use. Once again, I always use the desktop. It keeps it all right in front of you. Follow the above steps to get back to the Certificate Manager, but this time choose Import. Locate your cert, enter password, and voila. Delete the cert off your desktop, or wherever you placed it. Wash, Rinse, and Repeat for any other computers you use.
This is just one step in securing yourself from prying eyes, but it's a good one. I'm sure this will eventually become obsolete, as Google sees fit to incorporate it, and make it easier. But until then, you're ahead of the game. Congrats. :)
Comments [0]
