Book Review : PGP & GPG : Email for the Practical Paranoid

January 13, 2013
Sending email unencrypted can be compared to sending a postcard. Anybody who chooses to can read the contents of your email. You should know that there are various tools available that make it easy for strangers to snoop on the email you send to your contacts. If you want to ensure your email is secure and is read only by its intended recipients, then you should consider encrypting it.


PGP & GPG : Email for the Practical Paranoid


In his Introduction, Michael W. Lucas provides an overview of the history of PGP encryption, how it has evolved, the differences between PGP and GnuPG, and how OpenPGP encompasses both PGP and GnuPG. This book isn't an exhaustive work on cryptography. However, the author does cover a broad spectrum of OpenPGP, PGP, and GnuPG topics.

There are a total of 11 chapters in this book dealing with various topics related to encrypting your email. The chapter lineup looks like this:

1. "Cryptography Kindergarten" - Covers the basic idea behind encryption.
2. "Understanding OpenPGP" - Teaches you the basic ideas underlying OpenPGP such as the Web of Trust, keys and subkeys, keyrings, and keyservers, how to safely handle your key and so on.
3. "Installing PGP"
4. "Installing GnuPG"
5. "Web of Trust" - Discusses how OpenPGP keys are connected to one another, identity verification, and keysigning.
6. "PGP key management"
7. "Managing GnuPG keys"
8. "OpenPGP and Email" - Discusses how to integrate OpenPGP into your email and some of the issues that can arise with email usage and PGP.
9. "PGP and Email"
10. "GnuPG and Email"
11. "Other OpenPGP considerations" - Shows you how to deal with some of the things that can go wrong with OpenPGP, how to use OpenPGP as part of a group of people, and how to use some other significant features in GnuPG and PGP.

Book Specification


Name : PGP and GPG - Email for the Practical Paranoid
ISBN No: 1-59327-071-2
Author : Michael W. Lucas
Publisher: nostarch.com/pgp.htm
No of Pages:  ~ 200
Rating : * * * * * [5 Stars]

My review of the book


It is an easily read book targeted at common folks and requires little, if any, technical know-how. The author has succeeded in making a topic such as "Encrypting your email" quite simple for the layperson. For example, I started reading the book with practically zero knowledge about cryptography and I was able to follow all the concepts explained in the book. The author has done a splendid job of removing the complexity from a seemingly complex topic.

I did find some of the chapters too similar. For example, "Installing PGP" and "Installing GnuPG" could have been clubbed into one chapter. Similarly, chapters 9 and 10 could have been combined into one. Of course, that does not in any way diminish the book's value.

For the command line enthusiasts, two very good appendices are also included that explain how to achieve most of the tasks using command line switches of PGP and GnuPG tools.

Email is one of the most common uses for computers and one of the primary methods of communication for many people. Email messages are not usually encrypted or protected in any way. Popular webmail services such as Gmail do provide some security by encrypting the messages while in transit using HTTPS, but the majority of them still don't. If you routinely send sensitive information via email, then you should look into encrypting your email before sending it.

The concept of encryption is a rather dense subject to understand, especially for people with a less technological bent of mind. But encrypting or digitally signing one's email becomes inevitable where the stakes get high, such as while conducting business, and it is here that programs such as PGP and GPG adopt a larger role.

This book, "PGP & GPG: Email for the Practical Paranoid", will help you learn how to encrypt your email. Its practical, hands-on structure serves a useful purpose. This book contains all you need to know about encrypting and digitally signing your emails using the twin tools of the trade, PGP and/or GnuPG.

When I pick up a book, the first thing I note is the design of the book. I feel that just because a book contains good content, it is not guaranteed that the book will actually be read. It should also be packaged in a way which is pleasing to the eye. And this book from No Starch Press comes out on top in both content as well as structure and design.

From a design perspective, the book is a joy to read. The author has provided numerous tips that are highlighted in an eye-catching manner. Lots of screenshots are included in the book, which make certain tasks self-explanatory.

About the author


Michael W. Lucas is a network and security engineer with extensive experience working with high-availability systems, as well as intra-office and nationwide networks. He is the author of the critically acclaimed "Absolute BSD", "Absolute OpenBSD" and "Cisco Routers for the Desperate" books.