Email by its very nature is not secure. A number of events in recent months have hinted at the issue of email privacy: Sarah Palin's yahoo account debacle, and revelations that nsa wiretapping included pretty much everyone, to name two.
What I have not seen mentioned is that anyone can take measures to protect their communications from unwelcome eyes. PGP (Pretty Good Privacy) and its open source version, GnuPG solve two large security deficiencies of the electronic mail system. Follow me below the fold for a discussion of the weaknesses of email and how pgp provides for secure, verifiable electronic communication.
First let me briefly explain the two major problems with standard email.
The first is the issue of privacy. Email is a plaintext format, so any computer on earth can accurately interpret the data contained in a message. This means that someone who guesses your login information (see: Palin, Sarah) can then view all of your communications. With even less work, the company hosting your email can in principle read whatever you have stored on their server. It also means that as email data is transported across the internet, anyone listening in can copy it down and read it. "Anyone" can include someone else on your network, some joker at your ISP, or most likely, the NSA.
The second issue is authentication. When you receive an email from Aunt Marge, the only way you know who it is from is that the sender told their email client "I am Aunt Marge." Anyone can do this. Relying on the "From" field to identify a sender is like relying on the return address on an envelope. There's nothing to stop your smart-alec brother from sending you a letter that has Aunt Marge on the upper left-hand corner of the envelope.
In most cases this isn't a major concern. You can tell by writing style, etc, that the person you are communicating with is indeed who you think they are. Additionally, if they were to do something that required you to be confident of their identity (ask you to wire them money, for instance) you would probably verify the request via phone or otherwise. But it is conceivable that you might want a way to verify that an email sender is genuine.
The solution to the first problem (privacy) is to encrypt messages. PGP uses a system known as public key cryptography to secure messages. In this system, someone who wishes to receive encrypted emails can publish a "Public Key." Anyone can use this key to scramble messages, which can then only be unscrambled by the holder of the matching "Private Key." One way to think about this system is to imagine you have a bunch of safes, to which only you know the combination. You give open safes to all your friends, and even leave some on the street corner. Anyone who wants to send you a secure message just puts it in the safe and closes it. Then only the safe owner can open and read the message.
To solve the second problem, PGP has a system of "signatures." To continue the safe analogy, imagine you want to send something to Aunt Marge, and you want her to be certain it came from you. You use a collection of clear safes which are kept locked at all times, and to which only you know the combination. You can write your message, lock it in such a safe, and send it to your aunt. When she receives it, she can read the message (the safe is clear), and she knows that only you could have put the message in that safe. How does she know that the clear safe is actually yours? She can grab one of the safes off the street and verify that it and the clear safe have the same combination (this is done without her actually knowing the combination). She then knows that the message she received is from the same person who can read the messages she keeps sending.
So Aunt Marge knows that the safes on the street and the safes in her mailbox belong to the same person, but how does she know that this person is really you? This final link is known as signing. You and your aunt get together for coffee (or chai latte, if you're liberal elitists), and you make a record of each other's digital finger prints. You can then be certain that the safes you exchange actually come from each other. This verification process quickly gets cumbersome if you are communicating with a large group of people. To make it easier, PGP allows you the option to build a "web of trust." This means that you can decide that you trust Aunt Marge's digital finger print (after all, you met with her face to face and verified that it is indeed hers), and you can also decide to trust anybody who she trusts. So when she visits your cousin Frank who lives out of state, she verifies his digital fingerprint, and now you and Frank can be certain of each other's identities, beccause you trust Aunt Marge as an intermediary.
PGP allows you to decide the number of links you are willing to trust...just people verified by Aunt Marge, or anyone verified by someone verified by Aunt Marge...up to 4 degrees of separation.
By this system you can build up a network of people with whom you can communicate in a verified, secure fashion.
"This sounds like overkill" you might say. For most email communication, it probably is. But it allows you to exchange information via email that you would ordinarily only be comfortable exchanging face-to-face (ie banking information with your spouse, or business plans with a partner, or how to freep an internet poll with a fellow kossack).
I will hold off on a tutorial detailing how to set up pgp for personal use, as this diary is long enough already. If there is sufficient interest, I would be happy to put together a follow up with instructions. (For the more impatient and technically-inclined, there's always google.)