K2yo234hkjh23r0a: Encryption, privacy, e-mail, and instant messenging

I am quite pleased to see Google's new option for Gmail to have your Gmail session in https by default. Basically, that means that the data communicated will be encrypted, rather than passed across the Internet in plaintext. Previously, and still, you could explicitly request an encrypted session by designating the protocol to be HTTPS in the URL, like https://www.gmail.com. To ensure your Gmail sessions are encrypted, go to your Settings and scroll to the bottom, and select the option "Always use https".

While there are performance penalties, I think that encryption is generally a good idea. In particular, I find it almost scandalous that Instant Messengers do not offer an option to encrypt your conversations by default. A popular IM encryption software suite, providing plugins for a number of messengers, is Off the Record. Of course, both sides need to be using it for the encryption to work (or how would the otherside decrypt your messages?), so that is a massive barrier to using it commonly.

One "feature" I dislike about OTR is deniability, which I probably don't understand very well. They do not employ digital signatures that would certify messages were from you outside of your current session. This is considered good, I think so that people cannot be held strictly responsible for forged messages purporting to be from them: hence deniability. I can see applications for it, but I think that, while I appreciate the privacy of encryption, I don't necessarily want deniability. I am generally responsible for what I do and say.

The Management

So the demise of Belladonna hasn't had too great a negative impact. I seem to have been able to rescue all (?) of my data onto my external hard drive and my tablet PC skedge suffices for all my needs. However, in quite a few ways, I don't feel comfortable making Skedge my primary system yet. Consequently, a lot of things I used to have set-up aren't. For example, encryption for Pidgin. I am setting that up now, but I've let things go for a while without. My finances are in limbo, in that I haven't updated my budget (and due to a certain sublettee). A dozen desktop customisations that I miss remain missing. I don't even have half of the scripts I used to use so frequently. School puts everything on pause, it feels :| Changes I'm thinking about is to start using public key encryption more, employ content versioning for my /etc, ~/.gnome2 and other configuration directories, get a server running near constantly, etc.