Thanks to Dreamhost’s Let’s Encrypt initiative, plus a little nudging while setting up the iOS version of Ulysses, the (simple but very powerful) editor I’m using for writing posts here, my site is now HTTPS enabled.

For those who don’t know the terminology, all that means is that all traffic between my blog and your web browser is encrypted, and cannot be read by anyone who might intercept the data stream in transmission. You don’t have to do anything, it just happens automagically in the background.

While there’s nothing here that really requires the transmission to be encrypted — I don’t sell anything or have any reason to ask for sensitive information, which is the primary use case (and why HTTPS is used by financial institutions, shopping site, and so on) — I’m increasingly of the opinion that it’s just good practice to encrypt whenever possible.

Think of it like sending a physical letter to a friend via traditional snail mail; there might not be anything in the letter that needs to be kept private, but I’d still be pretty disturbed if I got a letter from someone and saw that the envelope had been opened so that someone else could read the contents.

Of course, with electronic communication, there’s no ripped envelope to let you know that someone’s taken a peek at what you’re saying or reading. Unsecure websites (or emails) are more like sending postcards: while for most people it’s pretty unlikely that anyone between the sender and receiver would be reading the postcard, it’s entirely possible that it could happen. Adding encryption means that not only is there an “envelope”, but it’s an envelope that can’t be opened by anyone but the receiver.

Good security isn’t paranoia. Just a good idea.

(Incidentally, I’m also set up with PGP encryption for my email, and would use it more often if I knew my contacts were similarly set up. Just contact me for my PGP public key if you’d like to securely email me (I’ll get it posted here eventually, I’m just finding bits and pieces of my site that need to be recreated after letting it lie fallow for so long, and that’s one).)

So, security and privacy have been in the news a lot lately, particularly with Apple’s fight against the FBI over accessing data on an iPhone. This is something that I pay attention to, and try to make sure I have the option to do, not because I feel I’m doing anything that needs to be hidden, but because I believe that personal privacy is important, and because I don’t think the government (or Facebook, or Apple, or Google, or any other company) really needs to have unfettered access into my life.

But I’m a little curious how many people I know actually take steps to protect their communications. I’ve only seen a few people actually mention using overtly privacy-conscious applications, and though I have a few installed, since I don’t know of that many other people that bother, they don’t really get used all that much.

Here’s what I’m set up with at the moment, in case anyone’s interested. I’m also open to suggestions for other possibilities.

For email, I have Apple Mail on my desktop computer set up to use PGP encryption (through the GPG Tools suite), and have iPGMail on my iPhone and iPad so that I can en/de-crypt messages when mobile (it’s a little kludgy, but workable).

For messaging, I have both the Signal and Telegram messaging apps on my iPhone, both of which boast secure end-to-end encryption for chats. I can be reached through each of those via my phone number, which either you have, or can be asked for, since I tend not to post that entirely publicly.