Are your private files — and intimate photos — really safe? What if your online drive gets hacked and leaked? What if your laptop gets stolen?
Don’t lose your privacy. Don’t get blackmailed. And don’t become a victim of identity theft.
It’s time you use an encryption cipher so strong that even the CIA and NSA use it — for top-secret classified files.
Why encrypt your files?
Passwords can be bypassed
Anyone can bypass the password protection on both your computer and smartphone. There are known hacks in Windows and other operating systems (OS). There are even cracking utilities to break into a password-protected computer.
Still, feel your files are safe behind a login screen?
Devices can get stolen or lost
Let’s not forget that USB drives and external hard disks are both easy to misplace. Laptops and tablets can be stolen.
Are you okay with anyone accessing your confidential work files?
Read on to start encrypting your sensitive files and folders — with the same cipher used for classified documents.
What you should be doing – encryption
Encryption protects your sensitive data from unauthorised access. It does so by converting your files into complex code. Without the correct password or cipher key, no one can access your files.
But, aren’t modern computer drives all encrypted?
They are. But, bypassing the login screen of a stolen computer is still possible.
Here’s one way to bypass login for Windows 7, a disk-encrypted OS. Later versions of Windows have patched the security flaw, but you may never know if there are other vulnerabilities in any operating system.
Needless to say, USB drives and external hard drives are even more vulnerable because they aren’t password-protected by default. Imagine misplacing them when travelling abroad, only to find someone using your credit card (or cancelling your flight booking).
What you need to do is to store your sensitive computer files in an encrypted folder. Then leave this folder on your laptop, external drives, or even cloud storage server.
Who exactly needs encryption?
Regular folk
Contrary to popular belief, encryption isn’t just for people with something to hide. Regular people need to protect sensitive data too.
Sensitive data includes tax returns, bank statements, intimate photos, confidential work files, and more. It is easy to become a victim of identity theft with so much information on your computer stolen.
Professionals, activists & whistle-blowers
Even more so, there are professions that need a higher level of privacy. This means lawyers, journalists, human rights activists, auditors, medical professionals, and government contractors.
Imagine if client files fall into the wrong hands. This could mean a drastic outcome in the courtroom for lawyers. Or, if journalists get their data stolen, they could get targeted by powerful politicians. That could mean lawsuits or something much worse.
Travellers
Travellers ought to encrypt their USB drive and laptop too. If you’re travelling abroad for training, the likelihood of losing a device is higher than normal.
If you haven’t encrypted the lost device, your travel itineraries may get leaked and tampered with.
Which cipher should you use?
To secure your files, you need an encryption program that uses one of the top ciphers in the world. This list includes the AES (Advanced Encryption Standard), Twofish, and Serpent ciphers. None of these ciphers was ever successfully broken.
The safest bet is to use the AES with a key of 256 bits (instead of 128 or 192 bits).
The US government uses the AES (256 bits) to secure top-secret files. Breaking this cipher supposedly takes 2 billion years with one trillion machines testing one billion keys per second.
In theory, it’s not impossible to crack any cipher. But, the billions of years needed (by expensive supercomputers) to crack it makes your stolen encrypted files useless. Everyone will be long dead before your data is cracked.
If AES (256 bits) is good enough for the CIA, NSA, and FBI, it should be good enough for you.
Available Encryption Programs
There is a couple of software that provide encryption, including BitLocker and FileVault. These two programs come with some versions of Windows and Mac OS X 10.3 (and above) respectively.
Make use of them. Both programs use the AES cipher for encryption. And, they are perfect for regular folk.
However, if you’re in a profession that needs greater privacy, there might be a problem.
It’s not the problem with the cipher, but it has to do with possible backdoors…
The Problem with BitLocker & FileVault
There really is no telling if Microsoft and Apple have been coerced by government agencies (like the NSA and FBI) to add a backdoor to their encryption programs.
What a backdoor does is deliberately allow another way for law enforcement to bypass the encryption totally. This weakens protection because, in theory, hackers can discover and use the backdoor to access your files as well.
Historically, the FBI has asked both Microsoft and Apple to install a backdoor in their code.
While Apple has challenged the FBI’s request to do so, there is no telling what will happen in the future. As for Microsoft, the FBI has pressured them to add a backdoor to BitLocker in 2005.
In both BitLocker and FileVault, we have no idea if they’ve complied with the backdoor request. Their closed-source code doesn’t allow unbiased third-party security experts to audit it.
So, use something else if you have greater privacy needs. Here’s something that’s open-source, third-party, previously audited, and FREE.
Veracrypt
What I recommend instead is this free open-source disk encryption software – Veracrypt. It can be used on Windows, Mac, and Linux.
With Veracrypt, you’re able to create partitions on your computer, USB drive, or even external hard drive to store files containing sensitive information.
It uses the AES cipher. But, you have the option to use more than one type of encryption cipher (i.e. AES, Twofish, Serpent), one on top of the other. This makes it even more secure.
Furthermore, even the NSA cannot crack a former version of Veracrypt (Truecrypt). That tells you how strong Veracrypt’s encryption and brute-force protection is.
Veracrypt also allows you to set up the encrypted partition in a way that supports plausible deniability. What this means is that no one (other than you) can prove that the partition or data even exists. Veracrypt hides the partition and disguise it as computer random data.
For instructions on how to use Veracrypt, go to this beginner tutorial. It takes less than 10 minutes to set up an encrypted folder.
Other than lawyers, journalists, and activists, consider using this if you’re a ninja adventurer who travels to train. Keep your data safe! Get Veracrypt for free.
Note: If you’re using Truecrypt, switch to Veracrypt, which is a software fork of Truecrypt. Truecrypt is no longer updated and is vulnerable.
Want more privacy tips and practical survival hacks? Check out the Spy Escape & Evasion course by Jason Hanson, an ex-CIA agent.