Email Privacy and Anonymity for Boylovers

Threaded index Date index FAQ

Email Privacy and Anonymity for Boylovers

Posted by Seb on 2011-April-21 18:26:25, Thursday

I recently began emailing again with an old friend from BC. The last time we exchanged emails was almost a year ago. Back then, I insisted that all of our communications be encrypted end-to-end as a security precaution. There are many reasons for this.

Even if you sign up with your webmail provider through Tor and only access it through Tor, your messages are still unencrypted between the Tor exit node and the webmail server. Once they arrive at the webmail server, they sit there, unencrypted, readily available for snoops to delve into your private affairs.

I was discussing this with another BL from here, and we both agreed that while probably unlikely, it certainly would not be beyond the realm of possibility for a vigilante group to convince the administrators of a webmail provider to allow snooping in order to protect the children from evil pedo-monsters. An even greater threat would most likely be law enforcement strong-arming a webmail provider into granting access to private email as part of some new "initiative to combat the growing epidemic of child sexual exploitation online."

Here at BoyChat, those of us who are smart post here with extreme care so as not to divulge personal details that could be used by the bad-guys to discover our real-life identity.

Email should be no different. Email may actually be more dangerous. One problem is that, compared to BoyChat, which is completely out in the open for all to see, email gives off the illusion of privacy. Because it's "closed" you get the feeling that the only people who are reading your email are you and your correspondents. As discussed above, if your email is not encrypted end-to-end, then there are many different types of snoops who could be intercepting your communications at several points down their line of travel.

With this illusion of privacy, you may be more apt to divulge some details in email that you wouldn't even think of giving away at BoyChat. You might use your first name. You might even use your last name. You might go into detail about your job, or talk about where you grew up, or where you live now. These are all big no-nos at BoyChat, and they should be big no-nos in email as well for the same reason: The wrong people may be reading what you write (Including those you are corresponding with! In this case, even end-to-end encryption won't help you, which is why you should always be ultra-choosy about whom you make off-board contact with, and proceed slowly!)

So again, I just started back up communicating with this old BL friend of mine, and he asked me if I could help him again with the encryption software that we used to use for our email communications. Since I would be writing this for him anyway, I figured why not write a tutorial that might benefit some others at BC?

So here it goes:

1) Set up a correctly configured Tor browser. This will prevent your ISP from knowing which websites you visit, and it will prevent the websites you visit from knowing your IP address, which could be traced back to you. How to set up Tor is beyond the scope of this tutorial.

2) Connect to a free webmail provider through your correctly configured Tor browser and open a free webmail account. I recommend fastmail.fm and safe-mail.net. Both of these providers allow you to sign-up for and access your account with java and javasript disabled in your browser. Hushmail does not allow this. Free fastmail accounts require you to provide an alternate email address where they will send you an activation email to complete the opening of your account. If you prefer to use fastmail, you can first open a safe-mail.net account and have the fastmail activation email sent to your safe-mail account, and then you're home free.

3) Install GnuPG on your system. If you're running MS Windows, download it here: ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.11.exe
If you're running Linux and you use a package management system, then obtain GnuPG in your usual way, or if you don't use a package management system, compile the source code found here: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.11.tar.bz2
How to compile programs in Linux is beyond the scope of this tutorial. If you're running MacOS, find whatever you need at the GnuPG downloads page: http://www.gnupg.org/download/ (I don't know anything about Macs)

4) Create a passphrase. It has to be strong. This will most likely be the weakest link of your whole setup. For information on creating strong passphrases, see diceware: http://world.std.com/~reinhold/diceware.html

5) Now you need to create a key pair. Since GnuPG is a command-line program, you need to open up a terminal in whatever OS you use. If it's Windows, it used to be START - RUN - cmd
but I don't know anything about the newer versions of Windows. If you're running Linux, then you'd better know how to get to a terminal, or I'll bitchslap you. [CTRL+ALT+F1] should do it. If you're running MacOS, then figure it out. Google it if you have to.

Once you've opened a terminal, follow these instructions on how to create a keypair in GnuPG: (note: anything in red is something you need to type):

-------------------------------------------------------------------------------------------------------------------

seb [ ~]$ gpg --gen-key

gpg (GnuPG) 1.4.11; Copyright (C) 2010 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 4
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) [enter]
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: seb3000
Email address: seb3000@ml1.net
Comment: Boys Rule!
You selected this USER-ID:
    "seb3000 (Boys Rule!) <seb3000@ml1.net>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

Enter passphrase: [enter STRONG passphrase and repeat]

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
....+++++
........+++++
gpg: key AE3BE5CC marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   4096R/AE3BE5CC 2011-04-21
      Key fingerprint = E320 46D6 5397 84E6 0A6A  4906 F11C 6507 AE3B E5CC

uid                  seb3000 (Boys Rule!) <seb3000@ml1.net>

Note that this key cannot be used for encryption.  You may want to use
the command "--edit-key" to generate a subkey for this purpose.

-------------------------------------------------------------------------------------------------------------------

seb [ ~]$ gpg --edit-key seb3000

gpg (GnuPG) 1.4.11; Copyright (C) 2010 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  4096R/B3BFD8EE  created: 2011-04-21  expires: never       usage: SC  
                     trust: ultimate      validity: ultimate
[ultimate] (1). seb3000 (Boys Rule!) <seb3000@ml1.net>

gpg> addkey
Key is protected.

You need a passphrase to unlock the secret key for
user: "seb3000 (Boys Rule!) <seb3000@ml1.net>"
4096-bit RSA key, ID B3BFD8EE, created 2011-04-21

Enter passphrase: [enter passphrase]
Please select what kind of key you want:
   (3) DSA (sign only)
   (4) RSA (sign only)
   (5) Elgamal (encrypt only)
   (6) RSA (encrypt only)
Your selection? 6
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) [enter]
Key does not expire at all
Is this correct? (y/N) y
Really create? (y/N) y
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.......+++++
............................+++++

pub  4096R/B3BFD8EE  created: 2011-04-21  expires: never       usage: SC  
                     trust: ultimate      validity: ultimate
sub  4096R/247AAB62  created: 2011-04-21  expires: never       usage: E   
[ultimate] (1). seb3000 (Boys Rule!) <seb3000@ml1.net>

gpg> save

-------------------------------------------------------------------------------------------------------------------

Now you're ready to start sending and receiving GnuPG encrypted email. First thing you need to do is exchange public keys with whomever it is you would like to communicate with.

To export your public key so you can send it to this lucky person, do something like this:
gpg --armor --export seb3000@ml1.net

This command will output a block of text that can be copy and pasted into an email or even the body of a BoyChat post so that someone else can copy and paste it into a text file and name it "seb3000.gpg" or whatever. Then they can import that file into GnuPG in order to start sending me encrypted email.
gpg --import seb3000.gpg

Another way is to export your public key to a binary file which you can send as an attachment, like this:
gpg --output seb3000.gpg --export seb3000@ml1.net

So once you get this lucky person's public key, import it to your keyring:
gpg --import luckybl.gpg

Now you can write them a message and encrypt it. Use a text-editor such as notepad in Windows or vim in Linux. Once you've written the message, save it to a file, such as: to_lucky.txt

Now, to encrypt the message using lucky's public key, do this:
gpg -r luckybl -e to_lucky.txt

If you didn't fuck up, you should now have a file called: to_lucky.txt.gpg

You can now send this file as an attachment to lucky, and only lucky will be able to decrypt it because only lucky has the SECRET KEY and passphrase. Remember, not even YOU who created the file to_lucky.txt.gpg can decrypt it, because YOU DON'T HAVE THE SECRET KEY AND PASSPHRASE. ONLY LUCKY CAN DECRYPT THAT FILE!!! So, if you want to keep the message that you sent to lucky, don't discard the .txt file and expect to have access to the .gpg file later on. You won't be able to read it.

Now, you go to your inbox using your correctly configured Tor browser one day, and lo and behold, lucky sent you a reply! It's your lucky day!

So you download the attachment and now you have: to_seb_from_lucky.txt.gpg

So here's how I decrypt it:
gpg -d to_seb_from_lucky.txt.gpg >to_seb_from_lucky.txt

It will prompt me for my passphase. I enter it, and then, if lucky didn't fuck up, I'll have a file named "to_seb_from_lucky.txt" sitting in my present working directory.

Now I am free to read what's on lucky's mind.

There is also a way to "enarmor" your encrypted message in ascii armor so that you don't have to send the message as an attachment--you can copy and paste a big block of ascii text. This way, you could even post private messages to BoyChat if it were allowed--but I don't think it is.

Like this: gpg --enarmor < message.txt.gpg > blah.txt

Now you can copy and paste the contents of "blah.txt" into the body of an email, or the body of a forum post.

Have fun!

My public key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.11 (GNU/Linux)

mQINBE2JgK0BEAC2ugUDEjOV4k0MsIWfLBf4jJ6HxktIZv+89Qaiekj7B8+/Gcoc
e8dKpthYYgesOY4r7tsvSEbXw+8V12UpqOVV5v47qbZgf/odvZpVk8GzW1PRYPEU
f1CzGGWUy2TBf4AQv1P12kDB5cG4aGW/5KRZuJIqVxRWHflcHhp60PIUcntv2GEP
qyA7t4HnhfXWfDIdpkO91+pgzw9/PTBtVyCHHdiwIKaeIqKwBd+ZuT6YleXW6lsU
fea16qBXSKPMS7U1/t98SWDagBAaaRMVJnH58+dYcuuH7RncQFc20/7pZUfop7f6
kuhU8ydOFvNhKMDJSKJbHu3Wp0I6mDkqW7hghvT2Uw4YSXH85mzSGE1PGYMfJpwd
vNzsMG2OuARYaXWQ1IeeqDA/9uVT9X67CfD2J0uxRnMIXryJkM/jBQk/n0C5Urbq
5urLBvEy0eJGfgWqi1zOoc197Ft9lUf66leZq8sGwbN4o4C/cLYnZIcOvGJ5Wx4K
yMJZyUMpE/VUYfqrJSyP9kZtb9/ZNPUw8K2Jj7ifbplPAkUMBY5chCYYk2MfCKmm
elk1EqDbQMA1qJ9cMdapsMHrPhRa6RaS980TzTHiSX6Bo5lmEHFKauwQmMUmI9us
kkBvCGs5F42+1iBIaz0zJjtRnCDvkugoMAAt6uPAW+TuLF8QJPXvLQ/H3wARAQAB
tBlzZWIzMDAwIDxzZWIzMDAwQG1sMS5uZXQ+iQI2BBMBAgAgBQJNiYCtAhsDBgsJ
CAcDAgQVAggDBBYCAwECHgECF4AACgkQhhYyiEVy0UDJkA/+OffwjhZRx/ZZmWcr
dRYSG/6GEAQJlBdJ7B3isg06eTZasUvatN34nhUXFtsqQfJ7R0pIaIlIgtX0UM48
ie16kQ/iIvbiiLpY6pwJIHainJASVaWS9xuG0r+v0IQFnuGfVsFmxh00voHZ4k/p
ZppuXcppdbHOJypGS1i+J3YCVk5JF0XyrFLbl8cmqSdV9295Mv3u+LsbdFkwiMzB
cU08iRQeIkJyhltE5BU1GL+7oq3ua0mgTscn3nPjz3dVUNYoJ5bUgPRcjM7e/wtm
DqIYASnJda5sUzzcPL69ccwBQtg3dXtyleEar95tB5zPXeL4UYxRKssSA83gYMMs
Y4cdqMz2bLh7VqFipGGfVWj1yqX2H3p60zSFALWmcg/+4vCed1xsDyB53tu1fi4W
PA2Qcy/uPeInsUPXtwTJC50Im09AlL+ckTNTqpEq0Gg+naE99q3M3drcYeQUmAsG
fQTRrh8a8Acf9SiDxldNKr81fy12SsnmF4b4e0opfaAdYxLKbfvM3tnrYC8xXp4I
JmjYC+gYhRGoK15Z1gEDCfRKKHi6NZNXFoyl0PCuFSASGyYuQuMysbwAC15fwi8Z
bp3oudTRKlQg9Mp+IbE80+TDm0pEYaZd2Xl11KtxFNe/tedN2TaJl0WsBCKd17bz
C39Wroi1ecXRMACJJ6bN10rP6/m5Ag0ETYmBWgEQANlP5v/e2iIZ18eIJFZC6vYy
cAXYx/Td1k7O8oXRngb/6noxjnn+SMd4az8okyfXUYKyzHu7dmCf5mQUWwokOn/r
Ba8X+KBeGeEmp9zSq/Koo/hEa4VJTPDXlpmpYtLIidx8Nbz5wB/12SmCfggU+4XT
z0V5QBVcBRBvpanc+RBll6ZRCQXCdD97pOV6q7kcKSpohddL7gDrhKt2qm8Nb7C7
RoHFF50w58Yl9WXpgxBBqlvEtoZ50m6hC9+YmJ4DRNP6lH7ksBG22nCpMcSRfgEk
rO2X0XGHvYSpPX3X1lf/y+BJZVx8appBwlTzMI7TkCh23KcwJK9B8xZeI8uecwXV
igZKim9N9M2Miap3ae048llvZqyWI4OGD6mCuvTp5EUrRTeaqOnOdc4Yr3cmDgc+
9sGlvDPi11c1hsCvKPMVqCfsTABqOzcBxDUrYJDnYz4KzSCeyTt1aw/8tf6PEHaH
5roblrqmvV8KrPNqTh5RDRux7Fxlw2HK+kCGHcGvimShtR+o/R3GumdUECRyGj8S
aIDxgU+MUUE75URO0iuutQzffYR0x9uApLjQqGlOpS+lVJudTYgejJ+rsQ42i/AO
PYqOtUCQnu0QLAhs2IrybfACtmiBh9701CGEoXX792j/fYLa2klJZ57pLdnVMywO
rvqoiyPXUg4ByNHIBZ0XABEBAAGJAh8EGAECAAkFAk2JgVoCGwwACgkQhhYyiEVy
0UDNAw//R1CI8wS2XpfOQ9Me0xZ2Z7+guCh+k3/flQcG+4fZAf30Gl8FMTVX6QV1
uOoE74XSOJ5jTmVdQVj1HVVzP5h9tdE5XI4X2CFCjyqHzZTe9/V1QCBJfc18BzVT
C00Uw1imwUIZppuExhfw7U8Y5dQN1+kx/nm+32uqghlEWMhE8in3NdFNRVUTv3+6
P5BhdjCnFzab6yhXUZbk2KLau/mL0N2JGLgc8dJDJCM27lGpTRk/6+YGoW/U/58S
58E5ip2k6QK85Lm/xBhiDBoMoVQmyINBBrpHcKJkQwuMg11CElbcZozLhlZPtzUH
0VFoEI30zFelYruaNipU5vqWxOS4eh2m0bReZv5Ecyd8AUDHxa4hc50n1CPEaIfF
IokBorOinOCor02OovFmkh24NU8aFWHGcMGhk4DslFv7zbWEnWhg9rYhvwFn1JBN
7QI30VUmyowwii+Be5lamYsL7GEz6g3HODFijqH4nPc6VnebgoYKAmI0L3fMFqmo
RVNyZ9p2xnCmFCLO9cAhF+cKKOWUHlVrovtOViLd/1QPJV/s2+/QqMsKKbKsG+Fu
HnwZSAfxPvAp49GAqvgKQcqdw2t/8C9U42rBV1WOcxhPxjGimZIRWxAK6Nas9Wjd
bvmsGTlYOHGPkIz2glHX7dU3jhf+BMOCBD75JtjZGCrQySB56bs=
=9GiG
-----END PGP PUBLIC KEY BLOCK-----

Follow ups:

Is there any particular reason why - Hobocatamite 2011-April-21 21:18:13, Thursday (1)
- No particular reason other than... - Seb 2011-April-21 23:35:51, Thursday (0)
Something I have done - Ollivander 2011-April-21 21:07:14, Thursday (2)
- Sounds like a good system. - Seb 2011-April-21 23:24:21, Thursday (1)
  - K, that has mine well beat (nt) - fhqwhgads 2011-April-22 00:12:51, Friday (0)
Use leet (1337) to make strong passwords - fhqwhgads 2011-April-21 19:10:46, Thursday (21)
- No. Use Hittite cuneiform. - Fetishist 2011-April-21 22:43:16, Thursday (18)
  - Sounds like a plan - fhqwhgads 2011-April-22 00:09:19, Friday (17)
    - Re: Sounds like a plan - Seb 2011-April-22 00:20:47, Friday (16)
      - Fair enough - fhqwhgads 2011-April-22 00:38:04, Friday (15)
        
        That sounds like a good plan. - Seb 2011-April-22 00:51:03, Friday (14)
        
        I'm thinking maybe I should put the BC URL on... - martirwithacause 2011-April-22 01:06:12, Friday (13)
        
        I don't know. - Seb 2011-April-22 01:16:49, Friday (12)
        
        Here's a link... - martirwithacause 2011-April-22 01:21:56, Friday (11)
        
        I went to the site and looked around... - Seb 2011-April-22 01:28:30, Friday (10)
        
        The hosts list is the list of sites your browser - martirwithacause 2011-April-22 01:33:06, Friday (9)
        
        I see... - Seb 2011-April-22 01:46:18, Friday (8)
        
        Such a shame that 99.9% of BC posting is pure... - martirwithacause 2011-April-22 02:08:09, Friday (7)
        
        You'll stay 'til you've posted all your thoughts? - littlexs 2011-April-23 12:15:12, Saturday (1)
        
        Come! Good boy. Stay! Lie down! Roll over!... - martirwithacause 2011-April-23 15:00:41, Saturday (0)
        
        It's always a wonder to me why I continue posting. - Seb 2011-April-22 02:54:14, Friday (4)
        
        If I can say so - fhqwhgads 2011-April-22 03:41:44, Friday (1)
        
        Aww, shucks. - Seb 2011-April-22 04:35:53, Friday (0)
        
        You're right. I'll have to try to stop trying ... - martirwithacause 2011-April-22 03:04:15, Friday (1)
        
        truly *great* people... - middy 2011-April-22 09:50:06, Friday (0)
- No, of course. Ridiculous. Easy for computers. nt - xcvcx 2011-April-21 20:16:44, Thursday (0)
- There are many differing opinons... - Seb 2011-April-21 19:38:48, Thursday (0)
Re: Email Privacy and Anonymity for Boylovers - andrew_bl 2011-April-21 18:54:15, Thursday (1)
- Good points. - Seb 2011-April-21 19:06:23, Thursday (0)
Thanks, Seb. I'll have to study it again... (nt) - martirwithacause 2011-April-21 18:47:30, Thursday (2)
- You're welcome. - Seb 2011-April-21 18:51:08, Thursday (1)
  - Kewl, no? Am I the only one to think of it?-nt- - martirwithacause 2011-April-21 19:05:39, Thursday (0)

Post a response:

Nickname:		Password:
Email (optional):
Subject:

Message:

Link URL (optional):
Link Title (optional):

Add your sigpic?

Here are Seven Rules for posting on this forum.

1. Do not post erotica or overly-detailed sexual discussions.
2. Do not request, offer, or post links to illegal material, including pictures.
3. Do not engage in campaigns of harassment against other posters.
4. Do not reveal identifying details about yourself or other posters.
5. Do not advocate or counsel sex with minors.
6. Do not post admissions of, or accuse others of, potentially illegal activities.
7. Do not request meetings with posters who are under age 18.

Posts made to BoyChat are subject to inclusion in the monthly BoyChat Digest. If you do not want your posts archived in the BC Digest, or want specific posts of yours removed after inclusion, please email The BC Digest.