PEP: Pretty Easy Privacy provides easy access to privacy services from within Eudora and Eudora Pro. PEP supports MacPGP, anon.penet.fi and cypherpunk (cpunk) remailing services. PEP is not meant to replace MacPGP’s interface, or to provide access to all of its functions. In particular, PEP provides no help with MacPGP’s key management features. It is designed to make it possible to use the PGP features people use most, encrypt/sign/decrypt, from within your e-mail application with a minimum of user effort.
OneClick, MacPGP, Eudora or Eudora Pro
PEP consists of two parts: the privacy palette and a button to pop it up. Import the palette from the OneClick editor within Eudora. You can use the palette alone if you check “show in menu” or you can use the popup button. To use the popup button, open the file “privacy.lib” from the libraries pane of the OneClick editor. Drag the button “popup button” to a convenient palette. Clicking the button will show or hide the privacy palette.
Sign Button: When you first click the sign button, a menu will pop up with the options “Add…” and “Delete…” The sign buttons keeps a list of the names on your PGP secret keys, you use the Add and Delete items to adjust that list. The first time you use it, choose “Add…” Enter the name on the PGP key you want to use to sign the message. You don’t have to enter the whole name, just a substring; MacPGP will use this name to choose the correct key. Now, click the button again. The name you just entered will be at the top of the menu. If you select the name, the front message in Eudora will be signed with that key. You can add as many names as you like to the menu. Deleting names is as easy as adding them. Just choose “Delete…” from the popup menu. Select the name you want to delete, and click “OK.” Done 🙂
Encrypt Button: This button functions in a very similar manner to the sign button, however there are several extra options. You can add and delete names to this menu, they will appear at the top of the menu. Selecting one encrypts the current message in Eudora to that name, as long as PGP has the key for that person. You should add the names of people you encrypt to often to the menu. There are two new commands on this menu: “To:” and “Other…” Choosing “To:” uses the current recipient of the mail message. “Other…” displays a dialogue which you use a name not in the menu, and have it not saved. At the bottom of the menu you will see the list of names from the sign menu. (If you added any.) Selecting one of these names places a bullet next to it in the menu. If you encrypt when a name is bulletted, the message is signed with the bulletted name. Choosing another name from the signer list will bullet that name and unbullet the previous one. If you would like to unbullet all the names, just select the currently bulletted name.
Decrypt Button: Click on it and it passes the current message in Eudora to MacPGP. The decrypted/verified message is displayed in MacPGP. (Yeah, I know that sucks. Anyone got a better way of doing it?)
Penet.Fi Remail Button: This button formats and routes the current message in Eudora through the anon.penet.fi (Julf’s) remailer in Finland. To do this, it needs to know your password. The first time you click it, it will present a dialogue asking for your password. If you don’t want your password saved, just enter “Ask” in the dialogue box. The script will then ask you for your password each time it is selected, and will not save the password. Option-clicking the button allows you to change your password.
Rebuild CPUNK Remailer List Button: This button builds a list of reliable cypherpunk remailers that support PGP encryption. To do so, it uses Eudora’s “Finger” facility to get a list of remailers from one of the publicly available remailer rating services; consequently, this button only works when you are online. To rebuild your list, click on the button and select “rebuild list” from the menu that pops up. Why is there a popup menu with only one option? Because rebuilding the list takes a few minutes, the button provides an easy way to cancel the process if you clicked the wrong button.
Get CPUNK PGP Keys Button: This button gets the current PGP keys for the cyperpunk remailers. The keys are passed to MacPGP so they can be added to your public keyring. You must have these keys to use the cyperpunk remailing service, and the CPUNK Remail button. Like the previous button, this one works through Eudora’s finger facility so you must be online to use it. Be warned: adding the keys to your keyring takes quite a while, and MacPGP will need your help to do it.
CPUNK Remail Button: This buttons formats, encrypts, and routes the current message through a cypherpunk remailer. When you click it, it will display a popup menu of reliable remailers. (This is the list you got two buttons ago.) The message will be formatted, encrypted, and routed for the remailer you selected. You can use the button as many times as you would like on a message.
Build CPUNK Reply Block Button: This button creates a CPUNK reply block for use with c2.org type NYM servers. It is currently disabled and invisible. A working version will be released shortly as an update.
Be advised that the scripts save all the information you enter in a plaintext file “privacyprefs” in your OneClick folder. The text of any messages that you encrypt is wiped from the drive by PGP, and your PGP password is not written to disk by the scripts.
Please don’t screw around with my scripts; the last thing I want is a whole bunch of different versions floating around. Feel free to request features, though. If you have a change that you think is good, e-mail it to me. I will try and include it in the next release. I am actively looking for individuals to port the script to other e-mail applications (Claris eMailer, FirstClass, MS Mail, cc: Mail, QuickMail.) If you would like to participate, e-mail me at [email protected]
The Future of PEP
Here is a short list of the features already planned for the next version.
- Working CPUNK Reply Block Button
- Automatic creation of NYMs.
- Emailer compatibility
- Eudora 3.0 Compatibility (all the buttons, except those that use Eudora’s “Finger” function are compatible with Eudora 3.0)
- Encrypt to multiple recipients
- Sign/Encrypt attachments
The buttons are freeware, which means you don’t have to send anyone any money. However, I put in an extraordinary amount of time on this project. So, I’d like to ask for contributions. I mean, you do want to support quality privacy software on the Mac, don’t you? You’d be much happier if I had the time to work on full scale privacy applications instead of for some big corporation’s MIS department, wouldn’t you? If you’d like to make some sort of donation (money is always good), please e-mail me at [email protected] for the address.