This is a blog I am writing in response to Joan McCarter's Daily Kos article on encryption. Definitely give it a read, this is just an addition.
www.dailykos.com/...
First off, you definitely need more encryption. The more people who do it, the safer everyone will be from online hacking, snooping, etc. But remember nothing is completely secure. Part of the idea of encryption is, yes it will slow down who ever wants to hack you, but also, if there are millions of highly encrypted messages to decode, rather than hundreds, it gets exponentially harder to decrypt anything.
How to start without becoming a cryptographer:
Get an encryption buddy. There are plenty of difficult concepts and unfamiliar jargon when talking about encryption. The good news is you don't need to understand much of it. What you do need is ways to test whether or not you can in fact send and recieve encrypted messages. Having some other person to test and play around with different apps, software and messages can not only help you both figure things out faster, it can also make it a little more fun.
Some simple apps can help. As mentioned in Joan McCarter's article, Signal is a great way to send and recieve encrypted SMS messages. There is also Whatsapp, which also allows you to make encrypted calls. As with any secret messages, the recipient needs the key, which for these 2 apps means that they must also use the same messaging app. Both apps will let you invite your contacts to install the app.
For email, Protonmail is absolutely the way to go. They use automatic 2 Factor Authentication to encrypt your emails and inbox, which means they can't read anything (Google's 2-Factor Authentication means it's just harder to hack, they read everything). And it's based in Switzerland so, a U.S. court order would not work. You can also password protect individual emails and set an expiration date so the recipient can't read the message after a set time or date.
Everyone has heard about using unique passwords per site, and very, very few people do. Get a password manager and use it. There are plenty of good ones, but my choice is Encryptr for Android. It's a zero knowledge system so the makers (Spider Oak) can store your data, but again, they can't read it. It's US based, so court orders are an issue, but since they can't read it, at least immediately, it's a pretty secure app. Spider Oak also has some other neat apps with the Zero-Knowledge model.
The Electronic Frontier Foundation has some nice, user friendly tutorials about how to get started in encryption and what it is encryption does. They also make 2 firefox plug-ins called HTTPS Everywhere and Privacy Badger. Use them.
Another group, The Guardian newspaper, has created a few Android Apps for security and privacy generally built for reporters or activists, they are just fine for every day use (these are also the folks who created Signal messenger). It includes a pretty user friendly Tor browser for mobile phones (it's actually 2 apps so you need both Orbot and Orfox to use the Tor network).
If you go to the Guardian Project's, page, you'll see an App Repository called F-Droid. It contains only Free Open-Source Software for Android. On your phone, you'll need to go to Settings->Apps->Allow Unknown Sources, but other than that it's easy to use. And the apps from F-Droid often don't track you or have ads.
Down the rabbit hole with a tin hat.
If you want to go completely nuts on encryption, check out Prism-Break.org. Some of their recommendations are very user friendly, some are not, but you will have tools to encrypt pretty much everything you have and opt out of many corporate surveillance systems.
If you want to keep your email address, but still be able to send encrypted messages, try Thunderbird mail and Enigmail. Thunderbird is Mozilla's Mail Client (like Outlook) and Enigmail is it's encryption plug in. You'll need to set it up and create a key, which is fairly simple for most email accounts. It collects you "webmail" (gmail, yahoo, etc.) and can store and encrypt mail on your local machine. You can also set up 4096 bit encryption which is a bit better than the so-called military-grade 256 bit. Here's Mozilla's tutorial to get started.
As I said, this is just an addition to Joan McCarter’s article, please check that out as well.