Soluții

How to Use OpenPGP Encryption for Emails in Thunderbird

Email message and lock icons representing email encryption.
Mozilla Thunderbird recently integrated OpenPGP right into the main application. No add-ons are needed for email privacy. OpenPGP’s world-class encryption is easy to set up and use without additional software.

Thunderbird and OpenPGP

Version 78.2.1 of the Thunderbird email client has support for end-to-end encryption (e2ee) built right in. This integration means you no longer need add-ons like Enigmail. Thunderbird uses OpenPGP for encryption, which is a free, nonproprietary protocol. Based on the freeware versions of Phil Zimmerman’s Pretty Good Privacy (PGP), it’s now very much its own thing.

Thunderbird’s OpenPGP integration allows you to encrypt a message. Then, only the people you want to read your message will be able to do so. It also lets you digitally sign a message so your recipient can be confident the message hasn’t been altered in transit.

OpenPGP uses the principle of pairs of public and private (or “secret”) encryption keys. To use OpenPGP, you must have a public and private key pair. Public keys are shared with anyone to whom you want to send encrypted messages, whereas private keys are never shared with anyone else. Private keys can also be used to decrypt messages encoded with the matching public key.

The sender’s email client generates a random key which is used to encrypt the message. The random key is then encrypted with the recipient’s public key, and the encrypted message and key are then sent to the recipient. The recipient’s email program uses the recipient’s private key to decrypt the random key. The random key can then be used to decrypt the encoded message.

Why not just use the recipient’s public key to encrypt the message? This would work for messages sent to a single recipient, but it would be too cumbersome for those sent to multiple people.

The most efficient way to distribute a message to several people is to encrypt the message using the random key. This is because no public or private keys have been involved at that point, making the encryption on the message person-agnostic.

For each recipient, the random key is encrypted using that person’s public key. All of the encrypted keys are then sent with the message. Each recipient can decrypt the copy of the random key that was encrypted using their public key, and then use the random key to decrypt the message.

Thankfully, once OpenPGP is set up, all of this happens automatically.

We tested Thunderbird’s OpenPGP integration on an Ubuntu 20.10 computer. On a Windows 10 PC, all the Thunderbird menu items, settings, and dialogs were named the same and in the same locations. So, if you’re running Windows, you should be able to follow the instructions below, as well!

Checking the Thunderbird Version

OpenPGP integration arrived in Thunderbird 78.2.1, so you’ll want to make sure you’re running that version or higher. You can use your package manager to upgrade if necessary.

If you use Enigmail, refer to the upgrade instructions on the Mozilla support pages. They include advice about backing up your old Thunderbird profile before you upgrade. This way, if something goes wrong, you can go back to the previous version. By default, Thunderbird 78.x retains the classic three-pane email interface: the accounts and folders in the sidebar, the list of received emails at the top, and the content of the highlighted email at the bottom.

Thunderbird email client default view

If you can’t see the Thunderbird menu bar, right-click the space to the right of the last tab, and then select “Menu Bar” from the context menu. To see which version of Thunderbird you have, click Help > About Thunderbird.

Thunderbird's help about dialog box

We’re running version 78.5.0, so the OpenPGP integration will definitely be present. If this is the first time you’ve used Thunderbird, configure your email address and account details, and then verify that email is functioning normally. You have to have a working email account inside Thunderbird before you can set up OpenPGP.

Generating a Key Pair

To generate a key pair, click “Tools,” and then select “OpenPGP Key Manager.”

Tools drop-down menu

Click Generate > New Key Pair.

OpenPGP Key Manager dialog box

A screen full of options will appear. Click the “Identity” drop-down menu and select the email address for which you want to generate keys. If you have multiple identities configured in your Thunderbird client, make sure you select the appropriate email address. Under “Key Expiry,” select the lifespan of your keys or select “Key Does Not Expire.”

In “Advanced Settings,” you can select the type of encryption and key size (the defaults are fine in most cases). When you’re happy with your selections, click “Generate Key.”

The Generate OpenPGP Key options dialog box

You’ll be asked to confirm that you want to generate the keys for that email address; click “Confirm.”

Key generation confirmation dialog box

After your keys have been generated, an entry will appear in the “OpenPGP Key Manager” dialog.

New key entry in the OpenPGP Key Manager

If you generate keys for any other email addresses, those details will be listed here, as well. To view the configuration of any of the listed keys, just highlight the entry in the list, and then click View > Key Properties.

Key Properties dialog box

Select the radio button next to “Yes, Treat This Key as a Personal Key,” and then click “OK” when you’re ready to proceed.

Exchanging Public Keys

You have to have the public key for each person to whom you’re going to send encrypted messages. They’ll also need yours to send encrypted messages back. There are a few ways you can get someone’s public key. They might send it to you unannounced or you can ask them for it. You can even try to find it online.

Whenever you receive an email with an attached public key, Thunderbird includes an “OpenPGP” button to the right of the email header; click it to import the public key.

Email with a public key attached, showing the OpenPGP button

You might receive some warnings. For example, if the message wasn’t encrypted or digitally signed, you’ll be told so. If you’ve just asked this person to send you their public key, you can be pretty sure this is from them. If there’s any doubt, just double-check with them via text, phone, or any other non-email method.

If you’re satisfied the public key definitely belongs to the person sending the message, click “Import.”

OpenPGP message security dialog box

The name of the sender and their email address will appear as confirmation. Click “OK” to import the key.

Key import confirmation dialog

Some information about the imported public key will then appear. You’ll see who owns the key, the email address associated with it, the number of bits the encryption is using, and when the public key was created.

Click “View Details and Manage Key Acceptance.”

Imported key details dialog box

If you’re positive the key came from its owner, select the radio button next to “Yes, I’ve Verified in Person This Key Has the Correct Fingerprint,” and then click “OK.”

key proprties dialog box

That’s half the battle! We now have Alwa’s public key, so let’s send him ours. To do so, just start a new email to the person to whom you want to send your key or reply to one of their emails. In the email menu bar, click Options > Attach My Public Key.

Email Options drop-down menu

Then, you just type the body of your email and send it as usual. Again, Thunderbird includes an “OpenPGP” indicator at the bottom right of the status bar to let you know the message uses OpenPGP. If the email is encrypted, you’ll also see a padlock icon, and if it’s digitally signed, you’ll see a cogwheel icon.

Email with OpenPGP indicator in the status bar

The options for encryption and digitally signing emails are available in the “Security” section of the email menu bar. You can also attach your public key from this menu.

Security drop-down menu

When you’re ready, just send your email.

Reading Encrypted Emails

Alwa can now reply to you and use encryption. When you receive an encrypted, email you don’t have to do anything special to read it—just open it as usual. “OpenPGP” in the email header will include green checkmarks to verify that OpenPGP has decrypted the email and that the digital signature has also been verified.

Recieivng an encrypted email in Thunderbird

The subject line of an encrypted email will be displayed as an ellipsis (…) until you open it. This prevents anyone from seeing the subject of any encrypted emails you receive.

Encrypted email header replaced by three dots

Some people do make their public keys available online. To upload yours, you first have to export it.

To do so, click “Tools,” and then select “OpenPGP Key Manager.” Highlight the key you want to export in the “OpenPGP Key Manager” dialog, and then click File > Export Public Key(s) to File.

New key entry in the OpenPGP Key Manager

Save the exported file to your computer (be sure to note where you save it). Next, open your web browser and navigate to the OpenPGP Key Repository. Here, you can search for existing keys using the email address, key ID, or fingerprint.

You can also upload your own key. To do so, just click “Upload,” and then browse to the location of your exported file.

OpenPGP central key repository

Once your key is uploaded, people can search for, find, and download or import it into their own email clients. You can also search for online keys in Thunderbird. Just click “Tools,” and then select “OpenPGP Key Manager.” Then, click Keyserver > Discover Keys Online.

When the “OpenPGP Prompt” dialog appears, type the email address of the person you’re looking for, and then click “OK.”

Searching for online keys from within Thunderbird

If a match is found, Thunderbird will offer to import the key for you; click “OK” to do so.

Matching key details displayed in a dialog box in Thunderbird

Keep Your Secrets, Well, Secret

Admittedly, not every email needs to be locked down with encryption and verified by a digital signature. However, for some people—like dissidents in oppressive regimes, whistleblowers, or journalists’ sources—privacy can be a matter of life or death.

[mai mult...]

How to Stop Signal From Telling You When Your Contacts Join

A phone with the Signal logo next to a cup of coffee.

When someone in your contacts signs up for Signal, you’ll see a message saying that person joined Signal. Now you know you can contact them on Signal. If you’d rather not see these notifications, you can disable them.

How to Disable Signal’s Contact Join Notifications

Signal uses phone numbers as addresses you can reach people at. When a phone number in your contacts signs up for Signal, you’ll see a notification telling you they’re reachable on Signal. The name associated with that person comes from the contact information saved on your phone. To hide these alerts, open the Signal app on your iPhone or Android phone. Tap your profile picture or username initials shown at the top-left corner of the Signal conversation list.

Tap your profile logo at the top-left of the Signal app.

Tap “Notifications” on the Signal settings menu screen.

Tap "Notifications."

Under Events, tap the slider to the right of “Contact Joined Signal” to disable these contact-join notifications.

Tap the "Contact Joined Signal" toggle.

That’s it—Signal won’t let you know when your friends, family members, coworkers, or other contacts join in the future. The Signal app will still know, of course. If you tap the “New Message” icon, you’ll see all your contacts who are on Signal, ready to be contacted.

Can You Stop Signal From Telling People When You Join?

There’s no way from preventing Signal from informing people when you join. If someone has your phone number in their contacts, Signal will let them know that phone number has joined Signal. This has nothing to do with whether you allow Signal access to your own contacts.

The only way to prevent this is to use a secondary phone number. Signal is designed to work with phone numbers and to be an easy-to-use replacement for SMS, which is why it works this way. If you want a chat service that doesn’t use phone numbers as identifiers—for example, if you would prefer usernames that don’t expose your phone number—Signal isn’t the app for you.

[mai mult...]

How to Protect Signal Messages With a Passcode

Signal logo on a smartphone

If you’re looking to add an extra layer of security to your Signal app, you can lock your messages behind your smartphone’s lock screen security features. Here’s how to add a screen lock to Signal. By turning on the Screen Lock feature on your iPhone or iPad, your messages will be hidden until they’re unlocked using Face ID, Touch ID, or your lock screen passcode. The same goes for Android. You’ll either need to authenticate yourself using a supported biometric security feature such as your fingerprint or a traditional password or PIN.

Open the “Signal” app on your iPhoneiPad, or Android device.

Open the "Signal" app

Next, tap on your profile picture in the top-left corner. If you haven’t uploaded a custom image, you will find your username’s initials instead.

Tap your avatar in the top-left corner

Select the “Privacy” option from the overflow menu.

Select the "Privacy" option

Finally, toggle on the “Screen Lock” setting.

Toggle on the "Screen Lock" option

Once the feature is enabled, you can customize the “Screen Lock Timeout.” This setting allows you to adjust how long it takes for Signal to lock itself and require your phone or tablet’s lock screen security to unlock.

Select the "Screen Lock Timeout" listing

From the pop-up window, select one of the options between 1 minute, 30 minutes, and instantly.

Choose a timeout period

You can now exit Signal’s settings menu and the app itself. The messaging app will lock itself after the timeout period you chose in the previous instruction. The next time you want to send a text message in Signal, you’ll need to unlock the app using your phone or tablet’s password, PIN, pattern, fingerprint sensor, Face ID, or other biometric security feature.

[mai mult...]

How to Disable (or Enable) Windows 10’s Xbox Game Bar

Microsoft Xbox Logo on a Green Background

Microsoft’s Xbox Game Bar in Windows 10 is a handy way to call up an overlay of useful widgets using the Windows+G keyboard shortcut. But not everyone needs it, and if you’d like to disable it (or enable it again later), all it takes is a visit to Settings. Here’s how. First, open Windows Settings. To do so, open the Start menu and click the small “gear” icon, or press Windows+i on your keyboard.

In the Windows 10 Start Menu, click the "gear" icon to open Settings.

In Settings, click “Gaming.”

In Windows Settings, click "Gaming."

Under “Xbox Game Bar” settings, click the switch beneath “Enable Xbox Game Bar” until it is turned off. That will disable the Xbox Game Bar.

Click the "Enable Xbox Game Bar" switch.

After that, close settings. Try pressing Windows+G, and nothing will pop up. Even if you press the Xbox button on an Xbox controller, nothing will happen. Xbox Game Bar has been fully disabled. If you’d like to enable the Xbox Game Bar again, revisit the “Gaming” section in Windows Settings and flip the “Enable Xbox Game Bar” to the “On” position.

How to Disable the Xbox Button in Windows 10

By default, if you have an Xbox 360 or Xbox One controller connected to your Windows 10 PC, pressing the Xbox button (the large circle in the center of the controller with an “x” on it) will bring up the Xbox Game Bar. If you’d like to disable this, visit Windows Settings > Gaming, then uncheck the box beside “Open Xbox Game Bar using this button on a controller.”

Uncheck this box to disable the Xbox button in Windows 10

Alternately, if you disable the Xbox Game Bar completely using the “Enable Xbox Game Bar” switch, then the Xbox button on your controller will no longer call up the Game Bar. But that also disables calling up the Game Bar using other methods (such as the Windows+G shortcut).

[mai mult...]

How to Stop Low Cardio Fitness Notifications on Apple Watch

How to Turn off the Notifications the Easy Way

Confusingly, while you set up Low Cardio Fitness notifications in the Health app, that isn’t where you turn them off. Instead, to disable the alerts, open the “Watch” app on your iPhone and go to “Heart.” Toggle “Cardio Fitness Notifications” off from here.

watch app with heart option highlighted cardio fitness notifications toggle

How to Stop Low Cardio Fitness Alerts the Hard Way

While turning off Low Cardio Fitness notifications is one way to stop seeing them, there’s a better way: increase your cardio fitness. Higher levels of physical fitness have been linked with lower risks of getting heart disease, strokes, type 2 diabetes, high blood pressure, dementia, Alzheimer’s disease, and some cancers. Just look at this list from the American Heart Association.

Also, it’s important to remember that your cardio fitness is measured against other people of your age and sex. If you’re in your 60s, your level of fitness is naturally going to be lower than it was when you were in your 20s. Apple doesn’t somehow expect everyone to stack up against a field of elite athletes.

Note: Before starting any new exercise program, make sure that you talk to your personal physician. We’re not doctors here at How-To Geek, and we aren’t qualified to give you nuanced and specific health advice.

Increasing your cardio fitness takes time and, yes, exercise. If you’re just starting out, try increasing the number of steps that you take per day, or even do a couch to 5k program. After a few weeks, you’ll be able to see your cardio fitness number climb in the Health app. To check your cardio fitness, open the “Health” app, tap “Browse,” tap “Heart,” then tap “Cardio Fitness.”

heart option in health app cardio fitness option in health app

Move more and you should see the trend-line start to go up over the next days, weeks, and months. You can also tap the “i” icon to see the different ranges for all demographics.

trend line low fitness average values for different demographics

[mai mult...]

Why Can’t I See the Burn Bar on My Apple Fitness+ Workouts?

What the Burn Bar Shows

First, let’s quickly recap what the Burn Bar actually shows. It compares how many calories you’ve burned in the past two minutes of your workout (and at the end, the average for the whole workout) to people who are roughly the same age, weight, and gender (so newbies aren’t compared to elite athletes). You’re given a ranking—“Behind the Pack,” “In the Pack,” “Middle of the Pack,” “Front of the Pack,” or “Ahead of the Pack”—based on how you’re doing.

The Burn Bar Takes Two Minutes to Appear

Since the Burn Bar is based on how hard you’ve gone over the previous two minutes of your workout, it doesn’t appear until after you’ve actually worked out for two minutes. If you’re not seeing the Burn Bar at the very start of a workout, this is probably why.

The Burn Bar Only Shows on Certain Workouts

strength workout in fitness+
Strength workouts aren’t about burning calories.

The Burn Bar only shows up on workouts where the aim is to burn calories. Some workouts, like Strength, Yoga, and Mindful Cooldowns, have different goals. The Burn Bar won’t appear in workouts like these because it’s not a good measure of performance.

In a Strength workout, for example, your goal is to perform high-quality repetitions that build muscle, not to get your heart rate up by bouncing around. The Burn Bar can’t compare your reps to other people’s, so Fitness+ won’t show it.

The Burn Bar Might Be Turned off

After your first workout, you get the option to disable the Burn Bar. If you did that by mistake—or deliberately turned off the Burn Bar at some point—you might need to turn it on.

In a workout, tap the metrics icon in the bottom right of the screen.

metrics button highlighted

Tap the toggle to the right of “Burn Bar” to turn it on.

burn bar toggle highlighted

If the Burn Bar option is already enabled on this screen, you’re probably not seeing it for one of the other reasons—you might need to wait two minutes, or it might not be relevant to your current workout.

[mai mult...]