From gWebs Support Wiki
Don't see your question here? Feel free to post your questions on the gWebs forum.
We have the utmost respect for your privacy. Your important data will never be transferred to us, but we may keep track of some anonymous statistics in order to bring you better service.
How do I read encrypted mail from Gmail?
Make sure Gwebs MailCloak is installed and activated (the MailCloak icon on the bottom of your browser should be green.) Login to Gmail. Check mail as usual. If an incoming message is encrypted, you will be asked for a password before you can open it. E Enter your private key's password and click OK.
How do I use MailCloak with Gmail?
Check out our Quick Start
Will I always be able to read my encrypted messages?
No. You must safeguard your private key. If you lose your private key, your encrypted messages become unreadable (and if someone else gets their hands on your private key, your messages become readable to them.)
Can I encrypt only parts of an email? Not the whole text?
Yes, but not automatically. You must manually encrypt part of your message with the encryption tool provided in MailCloak → Options → Tools. Can my messages be forwarded from the receiver to a 3rd party that does not have MailCloak and still
That depends on the forwarder. If they choose to send decrypted text, then yes. If they choose to forward encrypted text, then the message remains secure.
What proof do I have that your company isn't diverting and readng my MailCloak-coded messages?
There are several methods to prove this. One is you can compile or install your own GnuPG, and manage your keys with an external utility. Another thing you can do is use a network monitoring tool to watch all information that leaves your computer. You will never see any communications initiated by our software or any communications with any of our servers.
How will I know if someone has broken into my cloaked messages?
In the unlikely event that someone steals your passphrase and private key, you are pretty much up a creek. There is no good way to tell if someone has been reading your email. But you may notice that someone is sending unauthorized email from your account. So choose a strong password and don't share your password. Don't write it down. Don't do anything that could lead to someone compromising your password.
I have four computers on my LAN; can I have MailCloak on one computer but not on the others?
Yes, This is actually the safest way to use MailCloak because the more places you store your private key, the more vulnerable it becomes to attack. but you will only be able to read your encrypted messages on the system with MailCloak.
Will MailCloak attract viruses?
Encrypted email cannot be scanned for viruses until it is decrypted, so email users cannot rely on their providers to scan encrypted messages for them. However, regular email messages may not contain viruses and malware. Viruses and malware are always contained in attachments. Because email attachments are crucial to most people, MailCloak enables HTML email and attachments, but they aren't automatically downloaded. Remember: only download attachments from people you trust (this is the same for regular and encrypted email).
Is Gwebs able to read the encrypted messages?
No. Your encryption keys stay in your control, so you decide who can open your encrypted messages, not us. Will others be able to see what's on my computer once I download MailCloak?
If your computer has been compromised by malware, MailCloak cannot change that. However, once email is encrypted with MailCloak, a hacker would need both your password and your private key to decrypt mail sent to you.
I use a special webmail program. Can I still use MailCloak?
Currently we only support Yahoo, Gmail, Aol, MSN, Live Mail, QQ, 163.com, sina.com. We are working on adding many more major webmail systems. We also have a domain inclusion plan where, for a fee, we can add your webmail system.
Does it come in Spanish? How about French? German? Japanese? Russian?
Currently MailCloak is only in English and Chinese, but we are planning to translate into many more languages. If you are interested in translating MailCloak into your language, you can contact us.
How do I uninstall MailCloak, once I install it?
Click here uninstall link Can I encrypt an encrypted message twice (or many times) to make the encryption even stronger?
Yes - but this only makes sense if you use different keys for each encryption layer.
I now use a different encryption program, can I also download and use MailCloak too?
Can the government/police/hackers still see what I write?
This question is not as simple as it sounds. It would take the government millions of years to crack a GnuPG encrypted message using brute force. However, it may only take several minutes for someone to guess your password if you don't choose a strong passphrase.
Will it work on my Mac/Linux box?
Not yet, but we are working on Mac and Linux versions. You can also click here for more information about getting an OpenPGP compatible encryption system for your mac
Will MailCloak slow my messages down
MailCloak encrypts email messages fairly quickly – it takes an average of 2 seconds per message to encrypt/decrypt. Once the encryption is done, your email is sent like all other email on the web.
What should I do if my safe identity gets stolen?
Only a combination of the right password and your private key can authenticate you in the User Panel, thus allowing decryption of emails sent to you. If your identity has been compromised you should create a new identity, (migrate and) delete all email that was sent to your old identity, and tell all your contacts that you have switched public keys.
Whom do I call if I have a problem?
You can email email@example.com if you have a problem with MailCloak. Or login to our forum
Do I have to have any particular kind of internet connection for it to work?
No. MailCloak will work over any internet connection.
How will MailCloak affect other parts of my computer?
MailCloak is a simple browser plug-in. It won't affect anything else in your computer.
How can I override MailCloak and send an uncloaked message?
MailCloak will ask you how you want to encrypt any message you send to someone who's public key isn't in your key chain. You can also turn MailCloak off by clicking on the MailCloak button at the bottom of your browser.
Does MailCloak encrypt illustrations, charts, videos, photos and other documents?
MailCloak automatically encrypts all email attachments up to 20 mb, regardless of their format.
Once I install MailCloak, how do I know it's working?
You will see a small MailCloak icon at the bottom of your browser. And when you send mail, MailCloak will ask you how you want to send it. If you are sending email to someone who's public key is in your key chain or receiving encrypted email, Mailcloak will notify you when it encrypting or decrypting automatically.
What do I need to use MailCloak?
A Windows PC, and an email account.
How much does it cost?
MailCloak is free for webmail users and small businesses using google's or Microsofts' small buiness email servers. For medium to large buineses (over 100 employees), or people who have their own email servers, MailCloak costs $29.00 per user per year. The outlook version also costs $29.00 per user per year.
What webmail services does MailCloak support?
We currently support 11 webmail services including Gmail, Hotmail, MSN mail, Live mail, Yahoo mail and AOL mail, as well as QQ mail, 163.com and 126.com. We are in the process of supporting even more webmail systems. What platforms does MailCloak support?
We currently support Mozilla Firefox, Microsoft Internet Explorer and Outlook. Plug-ins for Outlook, Eudora, Thunderbird, and other email clients as well as support for Mac and Linux platforms are all in the works.
How do I use MailCloak on more than one computer?
This is a three step process:
- Use the backup feature on one of your MailCloak systems.
- Save the backed up .exe file to a moveable disk, or use secure email to email it the other computer*.
- Run the .exe executable on the second system...
That's it! You're done.
- If you choose to use email to migrate your identities, make sure you are sending secure email to an established identity with an established public key.
Can someone without MailCloak still send messages to me?
Anyone can still send you unencrypted messages. If they want to send you encrypted messages they must use a GPG compatible program for encryption, click here for more information.
How do I get the latest version of MailCloak?
Click here to download the latest version of MailCloak.
How do I manage my public key list?
Navigate to click: gwebs://config or right click on the MailCloak icon and select options.
What do I do if I accidentally deleted my friends' public key?
Don't worry! Every time you view email from a MailCloak or GPG/PGP user, MailCloak will automatically re-download their public key. If you still have email from them in your inbox, you can open it and the public key will automatically be added back into your keychain. Otherwise you should send them a symmetrically encrypted email asking them to send you their public key again, so you can continue sending them encrypted email.
What do I do if I lost my password or my private key?
It is your responsibility not to lose your password or your private key. Gwebs doesn't even keep our users personal information, and we certainly don't keep your passwords (would you really want us to?) WebmailSafety passwords and RSA private keys are unrecoverable. Should you lose yours, all your encrypted email and files will become unreadable. Make sure you make a backup of your private key (and preferably, keep it offsite somewhere.) Also, make sure you have a password you won't forget. Should you really and truly lose your password or private key, you can create another safe identity. You should then send an encrypted email to notify your contacts that you have changed your public key so that they can begin sending encrypted email to your new signed identity.
How can I get other people to email me with MailCloak (or GPG or PGP)?
There are many ways MailCloak users can exchange encrypted email with their friends. You can send your friend a MailCloak invitiation, which comes with a MailCloak download link. If your friend is using a platform currently unsupported by mailcloak (such as mac or linux) they can use PGP or one of the many GnuPG encryption tools available at http://www.gnupg.org/related_software/. You can also exchange symmetric (password only) encrypted files and emails at http://www.GpgCrypt.com.
What does GnuPG stand for?
GnuPG stands for GNU Privacy Guard. Sometimes GnuPG is written as GPG. What is GnuPG?
GnuPG is free, open source encryption software which implements the OpenPGP standard. GnuPG is available on a wide variety of platforms and can be compiled separately and then installed into MailCloak for added piece of mind. You can learn more about GnuPG at http://www.GnuPG.org.
What Kind of Encryption does MailCloak Use?
MailCloak uses GnuPG for encryption. GnuPG uses GPG/PGP public key encryption with a choice of algorithms including El Gamal and RSA. MailCloak can uses Keys of up to 4096 bits.
Why should I use MailCloak?
It's extremely easy for unauthorized parties to snoop during the email transmission process, and if you are sending email in plain text, your personal and business information is readable to the world.
Intercepted email can result in big financial losses as well as illegal and malicious use of your private information.
You might think that you never send anything important in your email, so you don’t care if anyone intercepts it, but anytime you send a piece of personal information, you may be giving identity thieves another piece of the puzzle. Any
MailCloak encrypts all your email and attachments with 4096 bit GPG encryption - the strongest email protection available to the public. With MailCloak you'll never have to worry about intrusion or snooping by unauthorized parties. Your email service provider doesn’t have access to your emails, and our GnuPG encryption is so strong that it would take a billion billion US governments a billion billion years to crack.
What is Public Key Encryption? How does it work? What should I know about it in order to use MailCloak?
You know that MailCloak uses GnuPG for public key encryption, but what is public key encryption? The following is a basic description of public key encryption.
Public key encryption uses keys to encrypt and decrypt messages. When you first use MailCloak you will generate a key pair – a public key and a private key.
The Public Key
The public key is used to encrypt messages that may only be decrypted with the private key.
You can attach your public key to all your email and make it publicly downloadable on your website or blog, because anyone who has it can send you encrypted email.
The Private Key
The private key is used primarily to decrypt messages encrypted with your public key, but it can also be used to encrypt your digital signature so it can only be decrypted with your pubic key.
You should back up your private key and keep both copies somewhere completely secure – never share your private with anyone, email it, upload it to a website or transfer it over any insecure medium. If your private key gets copied, the copier will be able to read your encrypted email or impersonate you by using your digital signature to sign documents.
Here’s the point: you can share your public key with everyone, and then they can use it to encrypt messages which can only be opened with your private key. Since you never share your private key, that means only you can open messages sent to you. In addition, since no one else will have
For a more thorough treatment, you can read this: http://en.wikipedia.org/wiki/Public-key_cryptography
How does MailCloak Work?
Quite simply, MailCloak intercepts your messages before they leave your computer, encrypts them, and then sends them on their way. For a more detailed look at how it works, read on.
When you click “send mail” in Yahoo! Mail (for example), your web browser bundles your mail message into a “post” message, and then sends the post message to Yahoo, where your mail is then processed and sent over the web to the recipient. Gwebs MailCloak uses custom Stack-Interception Technology (SIT) to intercept the message after it is bundled but before it is sent. Once MailCloak has your message it tells the browser to “hang on a sec.” Now MailCloak runs your message though GnuPG, encrypting the content. When encryption is complete, MailCloak repackages the message so it’s ready to “post” again and then passes it back to the browser with a wink, and then the browser sends your message off to Yahoo as usual.
All versions of MailCloak use SIT – so that model works the same way in Outlook as it does in Firefox.
I use MailCloak on Firefox and a gmail account but I can not send an encrypted email. The tab in the browser says"Loading..."
MailCloak may be incompatible with one of your other extensions. (are you using DownThemAll!?) Try disabling other extensions and see if that helps.
How do I perform a key exchange?
- In order to send encrypted email with MailCloak, or any PGP or GPG compatible encryption system, you must first exchange your public key with your communications partner. Your public key will be used to encrypt email so that only you can read it. You will then use the combination of your private key and your password to decrypt it.
- Sending someone your public key is automatic once MailCloak is turned on.
- When the recipient receives your public key, it will be added to their keychain, and they will automatically send you an encrypted reply with their public key.
You can try testing mailcloak by sending us email -email firstname.lastname@example.org and we'll get back to you with our public key within 24 hours. When we reply, our reply will be encrypted (because we now have your public key) and when you receive our message you will automatically import our public key. Go ahead and reply to our message to send encrypted email. At this point MailCloak will ask for your password, and when you click OK, MailCloak will encrypt and send your email.