Google releases Google Sync for iPhone, WM, SyncML

Google has just released a beta of their latest mobile service — Google Sync. This service makes it possible to sync your Google Calendar with your iPhone, Windows Mobile or other SyncML client, for free!

They use the Microsoft ActiveSync protocol, meaning that support is already built-in. To enable this on your phone right now, go to the Google Sync website and follow the straight-forward instructions. Be sure to backup your calendars and contacts beforehand though, since all information will be erased on your phone.

The easiest way to manage the contacts is to enable syncing them to Google using iTunes. Instructions for this are available as a part of the setup process on the site, so there is no need to worry.

The above mentioned process will enable synchronization of the default calendar only! If you want to access multiple calendars, or even imported calendars which are owned by others, you need to go to m.google.com/sync using your phone as the Google help pages suggest.

There is a problem however, this does not work with Google Apps domains. To sync multiple calendars with a Google Apps domain, first make sure that you are using the “English” language on the website. There is a link to switch if you don’t.

Second, don’t go to the page mentioned in the help section, but instead go to m.google.com and choose “Sign in with your Google Apps” link. When you have signed in, there will be a sync icon presented, which will take you to your calendar sync settings. From there you can add multiple calendars, which will then automatically be synced to your phone.

One downside of using Google Contacts instead of the local Address Book is that the photos aren’t synced properly. There is however an application available for Windows with no name that syncs the photos from Facebook to your Google Contacts account. While this might not be the best option, it definitely beats not having any pictures at all.

Postbox — a new take on email?

Postbox Logo

Postbox is a new application for managing email. It has some serious competition to deal with, like Outlook, Thunderbird and Apple Mail. Postbox does mail in an intuitive and fast way, which makes it easy to manage messages and actually get things done. Their website sums it up quite well.

“Postbox is a new way to manage online communication. It lets you spend less time managing messages and more time getting things done.”

“Postbox lets you organize your mail by topic so you can focus on one thing at a time.”

“Postbox works behind the scenes to catalog everything in your email.”

“Once you’ve found it, you can really start doing things. Postbox is designed to break down barriers. Any mail content can be annotated or combined with information from the web to create new mail messages.”

The application itself seems to be based on the upcoming Thunderbird 3, judging by the looks alone. This means that it benefits from all great things from the Mozilla suite, such as great spam filtering, clean looks, tabs and client certificate support for IMAP. It does however mean that it uses the XUL interface, which in itself isn’t a bad thing, but it does not integrate very well into the Mac environment.

Postbox main window

Postbox main window

Looking at the main window reveals a wealth of information. To quickly view attachments, images, links and contacts there is a shortcut bar on the tab bar itself.

The application puts a big focus on tags, or Topics as they are called in the application. It is very easy to add and view Topics. Having Topics on messages makes it very easy to find messages relating to different projects or keeping on top on what to do next.

Topics / Tags

Topics / Tags

One of the cool new features is the ability to annotate messages. This makes it possible to edit email and add your own text and title to it. Then you can either replace the original message or create a copy.

Annotate view

Annotate view

Messages are threaded in a beautiful Gmail style view, sorted chronologically. On the top a list of included authors are displayed for an easy overview.

Thread view

Thread view

I will post a review later when I have had time to try it out for a few weeks. It looks promising, but it has to fill some great big shoes if it will replace Apple Mail as my default email application.

Postbox is currently in closed beta, but add your name to their waiting list and you will be notified when it is available for download.

[Postbox]

How to send secure email using PGP

One of the biggest deficiencies in a virtual world is that authenticating a person is very hard. In the real world we can rely on our eyes, photo ID and other things. Neither of these things work directly in the digital world.

So, how can we authenticate users? Using PGP to fill this gap is very common, and this is what I will discuss today. PGP has a stormy history, but I will not go into that here, but instead refer you to the PGP Timeline.

What is needed to send secure email, files or other types of messages to people over the internet? We will use the GnuPG package, which should be easily installed in just about any system, including Windows. In a Ubuntu or other Debian based system, just write apt-get install gnupg and you will be all set.

You should also install seahorse, which is an application for gnome which enables you to easily manage your keys. The application should the be available under Applications -> Accessories -> Encryption keys once you have it installed.

The first task is to create your very own key-pair to enable you to sign your messages and to let others send encrypted messages to you. By choosing Key -> Create new key and then selecting PGP Key, you will be presented with a form where you enter your details. You will then be presented with a password entry for your key, and it is crucial that you select a very long password. It should preferably be longer than 20 characters.

createkey.png

You should create a key which is at least 3072 bits long. This will provide protection for a long time in the future. While you are at it, you might as well use 4096 bits. Note that it will take a while for the key to be generated, so please be patient.

Now that you have your own key-pair, you should first of all export the key by selecting the key and clicking properties. The key must be kept it in a very safe place, such as a safe or in a bank.

You may now select Sync and publish keys in the Remote menu to upload your key to a public key-server, such as pgp.mit.edu. This will enable others to easily get your public key automatically.

If you use your favorite text editor and open ~/.gnupg/gpg.conf and enter the following two lines in the end, GnuPG will try to automatically fetch public key when they are missing:

keyserver hkp://wwwkeys.pgp.net
keyserver-options auto-key-retrieve

To actually use GnuPG now, you will have to configure your email client for this. Evolution has built-in support for PGP and support for Mozilla Thunderbird can be added by installing the enigmail extension. Ubuntu users may install the mozilla-thunderbird-enigmail package.

evolution-gpg.png

Note that it is advisable to check Always encrypt to myself. Without this setting, you will not be able to read encrypted messages you send to other people!

You are now ready to send and receive encrypted and signed mail!

But, you say, how does this key identify me as a person? Well, it doesn’t – yet. To do this, you must sign other people’s keys, and have other people sign your key, meaning that they vouch for your identity.

This is normally done face-to-face or in bigger key-signing events. The general principle is that you will bring the fingerprint of your key, and others must then verify that the key is correct. You must also you a valid photo-ID, and here is the key – by showing your photo-ID, you have tied your PGP-key to you as a person. You can get more information on key-signing events by visiting The Keysigning Party HOWTO.

This means that you must be very thorough with the verification procedure, since it is the ground on where the principles behind the PGP trust model rest. If this is not done correctly, the whole encryption is void, since you really don’t know who the person in the other end really is.

So, to sign someones key, just open the properties for that key and select the Trust tab.

trust-tab.png

Here you should click the top check-box when you have verified the person using photo-ID and checked the fingerprint of the key. Seahorse will automatically synchronize your key with a key-server once you have signed the key. The check-box underneath is where you can select whether to trust the signatures of the person you are signing. If you check this box, you will automatically trust all keys which the person you just verified trusts. Remember that you should not tick this box if you believe that this person does not manage his keys correctly, or has some other reason to distrust his signatures.

Note that all steps mentioned in this article can be done using the command-line tool gpg. If you want to use this way instead, just read The GNU Privacy Handbook or try gpg --help for some general information.

I have now just discussed the basics of PGP, but do not feel afraid to explore the possibilities. A good place to start is The GNU Privacy Handbook where you can read more about PGP and more specific GnuPG. If you have decided to try PGP, you are welcome to send me a signed and encrypted test message. My key-ID is 0x98CEC53A and it can be found on most key-servers. To find people using PGP in your neighborhood, log-on to Biglumber and do a quick search.

Privacy is becoming more and more important in the world. I hope that you will try this out and spread it to your friends and family. In the end, we should all hope for a safer, more secure and open society.