As everyone is aware of by now, the Swedish FRA will soon “start” monitoring (scan, filter, read) all private email traffic crossing Swedish borders. This is not only a very bad idea, it is also very obviously a breach of the Swedish constitution; to be precise Regeringsformen 2.6 which very clearly states that private communication is protected:
Varje medborgare är gentemot det allmänna skyddad mot påtvingat kroppsligt ingrepp även i annat fall än som avses i 4 och 5 §§. Han är därjämte skyddad mot kroppsvisitation, husrannsakan och liknande intrång samt mot undersökning av brev eller annan förtrolig försändelse och mot hemlig avlyssning eller upptagning av telefonsamtal eller annat förtroligt meddelande. Lag (1976:871).
Anyway, there is a simple solution. Just encrypt your email. Below I demonstrate how to set up mutt (the email client for real men) for easy encryption. For everyone else, I recommend Enigmail.
- First, use Seahorse to generate a key-pair.
- Exchange keys with your friends or upload your public key to a keyserver. (Seahorse will help you with this.)
- Add the following lines to your .muttrc:
# Sign all outgoing messages
set crypt_autosign=yes# Encrypt messages to all recipients in keyring
source ‘~/local/etc/mutt/generate-crypt-hooks.py|’# Store unencrypted copies of outgoing messages
set fcc_clear=yes# Remember PGP passphrase for 1 hour
set pgp_timeout=3600
You will also need the following script. Store it in a suitable location and adjust the path above accordingly:
#!/usr/bin/env python
import commands
# List keys from GPG keyring
gpg_output = commands.getoutput(“gpg –list-keys”)# Extract email addresses
emails = []
for line in gpg_output.split(“\n”):
if not “@” in line: continue
email = line.split(“<”)[1].split(“>”)[0]
if not email in emails: emails.append(email)
emails = “|”.join(emails)# Print mutt send-hook
print “send-hook ‘^~C \”(%s)\”‘ ‘set pgp_autoencrypt=yes; set pgp_autosign=yes’” % emails
The script is based on a Perl script I found here.
Once setup, this will make mutt automatically sign all your outgoing messages and encrypt all messages to recipients found in your keyring. It will also make sure that if you store copies (fcc) of outgoing messages, those copies will be stored unencrypted (so you yourself may read them, not only your recipient).
[...] kablar och börja läsa vår e-post. Det enda sättet att skydda sig är genom kryptering. Se min tidigare post om hur du kan göra för att kryptera din email-trafik. För er som inte använder Mutt (gör inte [...]