House of Representatives passes the Email Privacy Act

In a 351-66 vote, the House of Representatives passed a bill this week called the National Defense Authorization Act (NDAA), which authorizes the nation’s military and defense programs. Rep. Kevin Yoder (R-KS) used this opportunity to include as an amendment the Email Privacy Act, a piece of legislation long-favored by Electronic Frontier Foundation. If approved by the Senate and signed by the President, the new bill requires government agents to first obtain a probable cause warrant when seeking the content of communications stored by companies like Google, Facebook, Slack, Dropbox, and Microsoft.

You can read Rep. Yoder’s amendment at

If you are concerned about email privacy, please contact your Senator and ask him or her to support the bill.

The Truth about PGP’s So-Called Email Bug: It Isn’t Much of a Problem

Word has been circulating in recent days that PGP has a major bug called Efail can can lead to encrypted emails being decrypted. Details about the problem have now been released and it seems the problem is not with PGP itself. It is with the way that some programmers implement PGP in their various email systems. PGP itself is not the problem.

In fact, decrypting PGP-encrypted email messages with Efail is a difficult task, at best. It probably is not practical for most hackers although NSA or agencies of other governments with access to high-powered computers and sophisticated software tools might be able to decrypt your email messages.

Continue reading

Gmail’s ‘Self Destruct’ Feature Will Probably be Used to Illegally Destroy Government Records

This sounds like a great tool for politicians and bureaucrats to illegally hide things from the public. However, on the bright side, it also will allow private citizens to hide things from politicians, bureaucrats, law enforcement officials, and hackers around the world.

In short, a new update rolling out for Gmail offers a “self destruct” feature that allows users to send messages that expire after a set amount of time.

Continue reading

How to Switch to Encrypted Email: The Ultimate Guide to Everyday Email Encryption

Are you using Gmail or Yahoo Mail or HotMail or or some other free email service hosted on the site of some multi-billion dollar corporation? If so, your email messages are being monitored and your personal information is available to corporations, governments, and other spies. In fact, Google admits that they do read (by means of automated software) all the emails that you send or receive via Gmail—mostly to improve their advertising platform. It is believed that most of the other major free email providers do the same.

Luckily, there is a simple solution: use an email service that offers encryption of your messages, even when stored on the email company’s mail servers. Not even the company that owns the mail servers can read your email messages (nor can the NSA). Several encrypted email providers offer free services for a limited number of email messages per month. However, most of them charge a modest monthly fee for unlimited or nearly unlimited messages and may add in some other security services as well. How much is your privacy worth?
Continue reading

Encrypted Email Service ProtonMail is Being Blocked in Turkey

I have written before about encrypted email provider Proton Mail. In fact, I used Proton Mail last week when I was in China as it was the only email service I could find that was not blocked by the Great Firewall of China. (I bet that changes soon!) Now the government of Turkey isn’t allowing its citizens access to the privacy-enabled email service.

See for the details, unless you are in Turkey in which case the article is blocked.

Use to Quickly and Easily Encrypt Your E-mail Messages is an amazing service. It secures your email messages and other data so that none of the bad guys can read it, it protects your work or personal files from identity thieves, it allows you to share confidential information easily with friends or co-workers, and it is available free of charge. What is there to dislike about offers several methods of use. In its easiest-to-use form, simply type your text into the web site (or copy-and-paste the text), click on ENCIPHER IT, enter an encryption password of your choosing, and your text is instantly converted into what looks like mumbo-jumbo. Here is a snippet from a message I just created:


Decrypt it at

Then you can copy-and-paste that mumbo-jumbo into an email message and send it to anyone of your choosing. You also need to tell the person the encryption password you used. (Don’t send the encryption password in unsecured email!)

Continue reading

You Absolutely Must Secure Your Home Router and You Probably Can’t

Your in-home router/modem may be the most insecure piece of hardware you own. Luckily, there is an easy fix although it isn’t cheap for many people: replace your present router’s internal software with a security-focused product, such as the free and open code, DD-WRT. The expense arises from the fact that most routers cannot easily replace the internal software. If you are one of the majority who owns a non-modifiable router, you will have to purchase a new router (which is a good idea anyway) and then install DD-WRT or a similar product yourself. If you are one of the fortunate few who do own a router that allows for modifying the internal software, you can upgrade to DD-WRT at no charge. Another alternative is that a few companies will sell new routers with DD-WRT or similar software already installed.

You can read much more about this topic in You Absolutely Must Secure Your Home Router and You Probably Can’t in the web site at: That article provides an overview in plain English of a somewhat more technical article, How to Protect Your Home Router from Attacks, by Lucian Constantin, available at:

For the past 3 or 4 months, I have been using DD-WRT installed in a Linksys WRT3200ACM DD-WRT FlashRouter. It includes all the security enhancements of DD-WRT plus it also has a VPN installed. Not only are all connections from my desktop computer, laptop computer, tablet, and even my cell phone protected by the VPN, but even my Roku box, Apple TV, VoIP telephone, security video cameras, and even the Nest thermostat in my home are now connected to the Internet via a safe and secure VPN connection.

Continue reading