Pretty Easy Privacy (p≡p) is an open source app created by the Swiss-based p≡p foundation. P≡P allows you to use your existing email account and easily send and receive PGP-encrypted email with others who either use p≡p or have their own PGP keys. Currently p≡p is available for Android and as a Windows Outlook add-on, with a Windows Outlook Reader Only version and an iPhone version in the works. p≡p code is also already included in the Thunderbird/Enigmail add-on and will be used by default later with Enigmail v2.0. You can also find p≡p in the F-Droid app market for download. This app is similar to the Secure My Email app which we reviewed earlier; however, the p≡p app is free for non-commercial use.
p≡p is a modified version of the K9 email client app. The difference is that it offers more security features, such as storing email on your hosted email server in encrypted form and a built-in system to manage encryption keys, while also automatically generating a 4096-bit encryption key pair for the user. There is no need for third-party key management apps, as p≡p uses the existing keyring. You can very well keep using APG, Kleopatra or any other key manager, but the idea behind p≡p is to completely eliminate the need to do so. PGP public key exchange between p≡p users is initiated automatically without any server at all. Synchronization and key exchange happen exclusively over e-mail. Public key servers could be used for automatic downloading of public keys, but for enhanced privacy this is turned off by default, since public key servers can learn the whole social graph of their users.
Outgoing mail sent with p≡p will always have your public key attached as “pEpkey.asc”, so if the recipient is using p≡p, it will capture and save the public key and by default use it for future email encryption to that contact. If not, the recipient will conveniently have your public key to send you encrypted email by whatever means he or she chooses. You can also import your private key and other users' public keys manually if needed. Before sending any email, p≡p searches for the recipient's public key and, if it finds one, encrypts the email. P≡p offers security and privacy by default.
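As an added illustration (not code from p≡p or from the original review), the Python sketch below checks a raw message for the pEpkey.asc attachment described above and reports whether the message itself is PGP-encrypted. The helper name inspect_message, the addresses, the placeholder key text and both sample messages are constructed for this example.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

KEY_BEGIN = "-----BEGIN PGP PUBLIC KEY BLOCK-----"
KEY_END = "-----END PGP PUBLIC KEY BLOCK-----"

def inspect_message(raw: bytes) -> dict:
    """Hypothetical helper: is the mail encrypted, and does it carry pEpkey.asc?"""
    msg = message_from_bytes(raw, policy=policy.default)
    report = {"encrypted": False, "key_attached": False, "key_armored": False}
    # PGP/MIME (RFC 3156): multipart/encrypted with the pgp-encrypted protocol.
    if msg.get_content_type() == "multipart/encrypted":
        proto = msg.get_param("protocol") or ""
        report["encrypted"] = proto.lower() == "application/pgp-encrypted"
    for part in msg.walk():
        if part.is_multipart():
            continue
        text = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        if (part.get_filename() or "").lower() == "pepkey.asc":
            report["key_attached"] = True
            body = text.strip()  # armor markers only; the key itself is not validated
            report["key_armored"] = body.startswith(KEY_BEGIN) and body.endswith(KEY_END)
        elif part.get_content_type() == "text/plain" and "-----BEGIN PGP MESSAGE-----" in text:
            report["encrypted"] = True  # inline PGP body
    return report

def build_clear_sample() -> bytes:
    """Constructed first-contact mail: clear-text body plus a placeholder key."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "alice@example.org", "bob@example.org"
    msg.set_content("First contact, sent in clear text.\n")
    fake_key = f"{KEY_BEGIN}\n\nCONSTRUCTED-PLACEHOLDER\n{KEY_END}\n".encode("ascii")
    msg.add_attachment(fake_key, maintype="application", subtype="pgp-keys",
                       filename="pEpkey.asc")
    return msg.as_bytes()

# Constructed PGP/MIME message as it would sit on the server when encrypted.
ENCRYPTED_SAMPLE = (
    b'From: alice@example.org\r\nTo: bob@example.org\r\nMIME-Version: 1.0\r\n'
    b'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";'
    b' boundary="b1"\r\n\r\n'
    b'--b1\r\nContent-Type: application/pgp-encrypted\r\n\r\nVersion: 1\r\n'
    b'--b1\r\nContent-Type: application/octet-stream\r\n\r\n'
    b'-----BEGIN PGP MESSAGE-----\r\n\r\nCONSTRUCTED\r\n-----END PGP MESSAGE-----\r\n'
    b'--b1--\r\n'
)

if __name__ == "__main__":
    print(inspect_message(build_clear_sample()))
    print(inspect_message(ENCRYPTED_SAMPLE))
```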
This key exchange process and the decryption of email are seamless and automated if both users are using p≡p, making it extremely easy for the average user to send and receive encrypted email without any complicated steps of manually encrypting and decrypting. Users are also alerted to the security/privacy status of their emails prior to sending, through a color scheme that quickly identifies the trust and security level applied to the email.
At a glance:
p≡p supports the user with advanced automation and is fully compatible with OpenPGP
★ it will automatically encrypt your e-mail and attachments, including pictures
★ it can ensure no one can intercept your perfectly encrypted e-mail
★ it is peer-to-peer and uses no central service
★ it works with all your existing e-mail account(s)
★ it can authenticate your communication partner and prevent identity theft
We will be going through the setup process of p≡p so you can see just how easy it is to start encrypting email using p≡p.
Set Up Your Webmail to Use P≡P
First you will need to configure your webmail account to be used with IMAP or POP. These settings can be found with your email hosting provider; you will need these values when configuring p≡p. Those settings for some well-known email providers can be found here:
If you use an OAuth 2.0 token with Google, you can check it here when setting up a new account, although it is not required. I was able to use Gmail without OAuth after Google sent me a confirmation email telling me that I was using a less secure means of access (IMAP with a third-party app). Once you confirm this “warning”, you can then change the Gmail settings.
Choose IMAP or POP3
P≡P Incoming IMAP/POP Email Values
The IMAP or POP3 settings you retrieved from your email service provider are entered into the next screen, as seen here. Once you have entered this information, the settings will be verified. If verification fails, go back, double-check the information and re-enter it. If you use Gmail, make sure IMAP or POP3 has been enabled in your Gmail account and that you have answered the confirmation email allowing IMAP or POP. Do not go past this step if the check has failed; you want to make sure this is correct and functions.
P≡P Outgoing Email Values
Set your outgoing email values. Again, these settings will be verified upon hitting Next. You want to make sure this is correct and functions before you proceed further.
These settings are configurable to your preferences. Notice it gives you the option here to “Trust server and store mails unprotected.” Keep this unchecked to ensure that any email which was transmitted securely (encrypted) will not be saved in clear text on your provider's server. For email transmitted in clear text it makes no difference; you can assume such mail could be retrieved and intercepted by anyone who had the means to. This option only applies to newly received and encrypted messages, which will then remain encrypted on the server. Older mails won’t be modified, as that would at least violate German law (“revisionssichere E-Mail-Archivierung”).
Name Your Accounts
Lastly, you can name the account you just configured with p≡p. This allows you to easily differentiate multiple email accounts you have configured with p≡p. This could be anything like “My Gmail” or “myusername Gmail”. Next, enter the name you wish to appear on outgoing email you send.
Verifying User Identities and Trust in P≡P
You are done setting up p≡p. From this point forward you can see the Privacy Status of individual recipients and emails by selecting the Privacy Status box. This pop-up window allows you to manage the Privacy Status of an individual recipient, i.e. you could verify each recipient with “trustwords” using some secure side-channel communication such as Signal, Silence text messaging or secure voice. Once you are satisfied with the verification, you can trust a contact. From that point on, encrypted email with that individual will show green. You can Stop Trusting a recipient who is Green/Secure & Trusted, or initiate another Handshake with a recipient who is Yellow/Secure, etc. p≡p uses a traffic light metaphor, extended by the fallback to gray, to indicate the Privacy Status, along with statements which are directly linked to how secure the available communication channel is or was.