Tuesday, December 17, 2019

Protection via Encryption

Sometimes you wish to protect data on your computing devices with more than permissions and ownership. Encryption may be the method chosen.

BE AWARE: encryption is a double-edged sword. If you lose or forget the key, you will face the same obstacle to accessing your data that you intended to put in the way of others.

 So, what are some options?

Security by obscurity. Give the file a benign name. Change the extension to prevent the default application from opening it.
e.g. rename resume.doc to "squash recipe"

On Windows and MacOS you can adjust permissions on files and folders so others cannot read or modify them. There are many ways to overcome such settings, so this offers only slightly more protection for the intended data than obscurity.

You can also "hide" files and folders so others will need to expend more effort to "find" the hidden data. 
Windows: attrib +h +s path\filename 
MacOS:  chflags hidden path/filename
Linux: add a leading dot "." to the filename
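
Why renaming and hiding add so little effort for anyone looking: a file's type is recorded in its first bytes, not in its name, and a directory walk lists dot-files like any others. The Python sketch below is an added example, not part of the original post; the signature table, function names and sample files are constructed for illustration.

```python
import os
import tempfile

# Leading "magic" bytes of common document formats, and the extensions they normally carry.
SIGNATURES = {
    b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1": ("OLE2 (legacy .doc/.xls/.ppt)", {".doc", ".xls", ".ppt"}),
    b"PK\x03\x04": ("ZIP container (.docx/.xlsx/.odt)",
                    {".zip", ".docx", ".xlsx", ".pptx", ".odt", ".ods", ".odp"}),
    b"%PDF-": ("PDF", {".pdf"}),
}

def sniff(path):
    """Return (label, usual_extensions) based on the file's first bytes, or None."""
    with open(path, "rb") as fh:
        head = fh.read(8)
    for magic, info in SIGNATURES.items():
        if head.startswith(magic):
            return info
    return None

def find_disguised(root):
    """List (relative_path, label, dot_hidden) for files whose name does not match their content."""
    hits = []
    for folder, _dirs, files in os.walk(root):  # os.walk does not skip dot-files
        for name in files:
            full = os.path.join(folder, name)
            info = sniff(full)
            if info is None:
                continue
            label, usual = info
            ext = os.path.splitext(name)[1].lower()
            if ext not in usual:
                hits.append((os.path.relpath(full, root), label, name.startswith(".")))
    return sorted(hits)

def demo():
    """Build a constructed sample folder and scan it."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "squash recipe.txt": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 24,  # renamed resume.doc
            ".taxes": b"%PDF-1.4\n",                            # dot-hidden, extension removed
            "resume.doc": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1",  # honest name, not reported
            "notes.txt": b"plain text\n",                       # no known signature
        }
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return find_disguised(root)

if __name__ == "__main__":
    for path, label, hidden in demo():
        print(f"{path!r}: content is {label}; dot-hidden={hidden}")
```

Both disguised files are reported with their real type, which is why these measures only slow down a casual look and encryption is needed for anything that matters.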

You can encrypt documents/spreadsheets/presentations and other data in most office suites. Select the desired document and use the office suite utilities to encrypt and decrypt the desired data. 
AGAIN, if you lose control of the encryption key or passphrase you will lose access to the data you are intending to protect. Also, the encryption used by most office suites is more easily broken by tools on the Internet.

You can purchase external media that has encryption capabilities. 
Size, connection methods, encryption strength, capabilities, and other factors will influence that purchase. 

Biometrics for encryption key control is also a double-edged sword. Fingerprint enablers guard better against losing control of the encryption key, but not if you lose that finger or need the data to pass to an heir or spouse.

Full disk encryption can protect an entire drive on the computer you want to protect. If the computer is stolen or you lose physical control of it, the encryption key or passphrase will be needed to access the data on the drive.

A more controlled approach is to use encryption applications or utilities to provide protection via encryption.

TrueCrypt was the popular encryption app for many years. Open source, flexible, dependable, free. VeraCrypt is the current fork of the TrueCrypt utility. 

Other encryption utility offerings include DiskCryptor, Cryptainer LE, and Challenger.

Users' needs vary. Determine your needs and use the above and other options to fit them. If your needs change, revisit the options available at that time.

These methods offer a level of data protection. As with most things, you need to protect the protections.







Monday, December 16, 2019

TAILS

The Amnesic Incognito Live System (TAILS) is a live system (booted from USB, DVD or similar) that runs on an existing personal computer with an x86-64 architecture, which covers most of the later PCs and Macs.
The latest release as of this post is version 4.1, released December 3, 2019.

Since TAILS is a "live" system, it cannot and does not write to or use the booted system's disk drives. It does use the other components of the system: the network, keyboard, display, mouse, etc.

TAILS is designed to be security focused to help preserve privacy and anonymity. How secure, private, and anonymous is TAILS?
Edward Snowden used TAILS.

 It has been mentioned the more secure way to do online banking, financial tracking, and online shopping is to use a Linux based machine with a USB tether cord to a cell phone with Wi-Fi and Bluetooth radios disabled. This will use the cellular network for network access.

Your computer experience will be slower when using TAILS. The system is running from a slow USB disk drive and filtering a LOT during any network activity. Using TAILS should be safer, not safe. If you provide your credentials to a rogue web site, no amount of security, anonymity, or privacy will prevent those actions.

      DO NOT DO ITEMS LIKE THIS!!



Before the version 4.1 release, building and deploying a TAILS distribution on bootable USB or DVD required multiple media and steps to build the final TAILS system. The reason was that the build environment needed to be secure in order to build the more secure TAILS system. Building TAILS is a simpler process now. If you wish to try TAILS I can provide a ready-built TAILS USB.

TAILS is a Debian-based Linux distribution using Tor networking and the Tor browser for privacy and anonymity. Tor (The onion router) uses many routers across the Internet with encryption at each of the many points between the sending and receiving nodes on the network. The Tor browser uses DuckDuckGo as a search engine and Tor for networking. The Tor browser also has HTTPS Everywhere for transparent encryption, NoScript for JavaScript control, and uBlock Origin for advertisement control.

TAILS has many other utilities, features, and settings to make it more useful than just a more secure browsing platform: a virtual keyboard to prevent key loggers, the LibreOffice suite, a digital wallet, and many more.

To use TAILS you need a machine on which you can enable booting from a USB or CD/DVD drive. Some systems provide a boot block to prevent booting from removable media as a security measure. A search engine may provide the method to enable booting from removable media on your system.

Once you have the ability to select USB or desired media you should see a screen similar to: 

Use the ENTER key or wait for the countdown.
I have found it best to wait until the TAILS system is up and functional before adding the smart phone USB tether cable with Wi-Fi and Bluetooth disabled. Using a USB hub if your system has only one USB port may not work.

Next 
I recommend using the + button to set an Administrator password.
Then use the Start Tails button to get the desktop, select the Tor browser, then visit the web site(s) where you want added security, anonymity, and privacy.