PGP & GPG: Email for the Practical Paranoid
Michael W. Lucas
No Starch Press
ISBN: 9 781593 270711
Michael Lucas certainly knows his stuff when it comes to encrypting email and he imparts his wisdom with a light, uncomplicated style that makes this book an easy and enjoyable read. As an introductory text on the subject, it's difficult to imagine a better single-source of information for anyone considering encrypting their private information before sending it across the public network.
Lucas takes his readers through the installation and configuration of his two chosen encryption programs (PGP & GPG) and provides useful insights and excellent practical advice throughout. There's also a brief (but fascinating) introduction to the origins of PGP as well as absorbing discussions on key management and the principles that underpin the web of trust concept. But (and this is quite a big but), there are problems with this book that make it questionable as to whether the cover price represents value-for-money.
Firstly, this really is an introductory text and, unless the reader is a complete computer novice, much of this book is pointless: most users will already know how to install a program using the default installation settings (or know enough to be able to follow the installation wizard) and therefore, the significant portion of the book that describes these processes seems somewhat redundant. That's not to say that there is no useful information in the descriptions (for instance, using hashes or checksums to confirm the integrity of the download), only that too much time is spent describing processes that will be patently obvious to virtually everyone that reads this book.
Then, there's the layout: Lucas glibly skips from discussing one program to another in alternate chapters and this has a calamitous impact on the text's rhythm. In fairness, Lucas does warn his readers that they can skip the chapters that are not germane to their circumstances, but that's not entirely helpful to reader with either a general interest in the topic or is concerned with multiple operating platforms or single encryption programs. Perhaps a better approach would have been to separate the contents into three sections allowing readers to have an overview of the subject followed by comprehensive (and uninterrupted) discussions about each encryption program.
Finally, Lucas provides no information here that is not freely available on the Internet: for instance, try searching online using the simple text string, "installation guide PGP". That there are alternative sources of information is not a problem per se, nor is the fact that many comparable guides are available free-of-charge; however, it does make the near twenty quid cover price extravagant!
If you're too lazy to find your own sources and have some money to burn, this is a great introduction to encryption.