Safe Communication

If you wish to communicate securely with us, you should consider this:

The basic problem:

There will never be (or will be) 100% certainty. It is possible to make things for potential collectors difficult or almost impossible.  The next question is for those interested in your communication: is the effort worth while? Is it worth their while to have a large computer working month after month until it has cracked (by the rules of combinatorics) an encrypted message? 

The NSA certainly has such ‚giga’ computers but cannot be interested in everything that is encrypted worldwide, apart from probably having  specific target groups in their focus.

So we can assume that a well secured, pro-encrypted message, is actually secure. In any case from those you want to protect it from.

Several methods exist of which we recommend/suggest the following two:

Method 1: PGP

This is an encryption program for emails. It has a very high safety level. But it is also not very easy to install.

It works with 2 "keys": one that you publicly announce and the elaborate encryption takes over. Only you know the second "key"; and this is the only way to "decrypt" what the sender has encrypted for the receiver.

When you install PGP, the public key is automatically generated so you do not randomly construct one that might already exist. It is very unlikely, but still safer. Such a key has around 3000 characters.

You define your own key - or code, or password - yourself. The longer and the more variations in letters, large and small print, digits and characters are combined, the better.

It is relatively easy to install PGP when you use Thunderbird. This is an open-source programme, supported by the non-profit foundation ‚Mozilla’ and the world-wide dedicated volunteer computer experts.

If you choose to use Thunderbird, they install PGP almost automatically. For further information, please visit: investigativ.org: Chapter 6.4 (in German).

Needless to say: PGP is free for the user.

As free as the second and simpler alternative:

Method 2: tutanota

This is a comparatively simple method: you do not have to install a programme, but simply use an existing website that accepts the work, strictly speaking: everything is encrypted: www.tutanota.de.

"Everything encrypted"  means - as with PGP - not only the message text in the email is encrypted, but of course all attachments as well;  files, ie texts, pictures, etc.

The (simple) handling:

You register at tutanota.de, register once with your own password and create an email address of your choice:  finished!

The recipient must also have an account or mailbox with PGP or has to set it up and all is set to go. You only need to give the recipient a specific password so that he can open your encrypted mail with all attachments etc. This password is automatically requested before sending the email.

This receiver-specific password should be communicated to the addressee via a different route. For example by SMS or by letter or otherwise. Also tell him that he can now retrieve a new mail.

Technically, the email is not sent. But it's all about a (single) server where you upload everything: sender and receiver.

The server is in Germany. Germany is subject to much more stringent data protection regulations than USA or the UK. Apart from the fact that it is the goal of the initiators and operators, in contrast to the State and other interested ‚snooping’ parties to guarantee data security and privacy. The Tutanota project started many years ago at the TU Hannover, where there has always been a university with a dedicated focus on IT. 

Contact us :  (www.ansTageslicht.de): 

PGP: 

  • Find the public key here : file
  • use this email address: johannes.ludwig[at]haw-hamburg.de

 

Tutanota: 

  • my email address : johannesludwig[at]tutanota.de  (without the dot)
  • my cell phone +49 176 – 52 00 69 15. 
  • postal adress can be found in the Disclaimer/ T&C Disclaimer/T&C   

 

Method 3: Postal Services

In addition to digital transmission, Please be aware that the classic 'snail-mail' using postal services,  is now almost safer than secure electronic communications. Letters and any other such type of communication can be sent to the private address of the initiator which can be found within Terms and Conditions & Contact


Translation: Bearnairdine BEAUMONT