Month: March 2021

File Encryption And The Cloud

Posted on by Dustin Fontaine

File Encryption And The Cloud

 

Before I get too far, let me just elaborate a little bit on what encryption is.

Think of a regular, everyday safe. You put your important documents or other items in it, then lock it. Now only someone that knows the combination (or has the key) can open it. File (and disk) encryption works pretty much the same way, you would encapsulate your data into a single file, or array of files that all have names something along the lines of cneu2382865j24 and nobody knows what that is and can’t access it if they don’t have the password to it.

Now I am assuming you, like many other people in this world want at least some resemblance of privacy, especially on your data. This can include anything from important legal evidence to honeymoon photos. Just things you don’t want others to see in general. The problem is, if you choose the cloud to  back up your data , you are in a conundrum. Ed Snowden mentions in his book that they really do look at all those pictures you send to your sweetheart. So how do you keep your data safe from prying eyes?

Switch Cloud Providers

The first option is to use what’s called a Zero Knowledge cloud provider. These providers encrypt your data by default meaning that garbled name you saw earlier is what they see on their end. You log in via your password, which opens the content to you over a secure connection. You can still share and upload and use apps on your various devices the same way you normally would.

Some providers

Encrypt Your Files With Existing Cloud

The next option is to encrypt your files then put them in the cloud. Now there are a few benefits and drawbacks to this approach and I want to make sure I cover them here. Bear in mind, this is a way to securely store the file, like you lock it away until you need it, not something that is frequently accessed.

A great upside is you get to use the same cloud provider you already pay for. This is huge if you already use a larger part of the service like Office 365 and want to still get use out of your 1TB storage on OneDrive. Even if you use a free service – if your data is small enough you can still store it.

The biggest downside is you don’t manipulate the data in your cloud provider though this is expected by design, if you share a link they get that same jumbled mess of a name and can’t do anything with it – unless of course you share your password with the recipient. You will also need to be on a platform that can access it, which I will cover in the instructions portion of this post below.

Another thing to be aware of is your storage limits. If you have a paid plan that gives you 1TB of data and you let it expire to a 5GB free plan, and your vault is say, 15GB, you will run into issues trying to sync it. Be sure to set your vault to a reasonable size.

I’m Sold! How Do I Do It?

I’m someone who likes to make things as universal as possible, portable even. I try to think of ways that a calamity might occur in which I am unable to use a service or product in the future, such as a company closing down or other scenario. I picked Veracrypt because it’s Open Source, so even if the maintainer shuts down, you’ll still be able to find it on some public archive site.

So now, download Veracrypt . Again, just to be forward thinking, save a copy of the installer somewhere ( also replace the most updated copy when your software updates). There are install options for Windows, Mac and Linux so you can share your data between just about anyone on any desktop platform.

I’ve set up the following folders to work with as an example, just imagine My Cloud to be the embodiment of whatever cloud storage you use, and adjust your settings to that folder.

Now you want to install Veracrypt, I’ve gone through this process myself and for basic storage purposes, you can leave all the default values and hit Next.

Once you open the software, you will create your volume, which you an think of as kind of a digital equivalent to a jump drive or external hard drive. It’s portable and you can carry it wherever you want – digitally that is. Again, these default values are perfectly fine for our purpose. During this process, you will want to pick a location for your volume, browse to your cloud folder and give it a name. Use the default encryption options, these are fine.

The next few screens are important though. You will create the size of your volume. This will be dependent on your size of your data, and you will want to be aware of your cloud storage limit. I’m making the example volume 10MB. Then set your password or passphrase (you are using a  password manager  right?).

 

Create Your Volume

(Slideshow)

Next be sure to actually mount your volume (this is akin to the act of plugging in your USB drive), I picked letter V for Veracrypt but as long as it’s not already taken, you can pick any letter. Then the drive will show up and you can place your documents into it to save within the encrypted volume.

(Slideshow)

Don’t forget to dismount when done!

 

 

What Is Open Source?

Posted on by Dustin Fontaine

What Is Open Source?

If you’ve read my previous blog entries, you may have noticed I use the term open source a few times and you may ask, what does that mean? Well the source code of an application or service is the human-readable programming code that makes up the existence of that entity. As opposed to proprietary software, which keeps the code under lock and key within the organization, open source software keeps the programming code in a publicly-visible repository.

What does this mean for me?

While it’s true that the general public is never going to begin to care about being able to see the source code of the software they are using, there are several indirect benefits that the Average Joe can be confident in.

The first benefit is that it’s auditable. If you have ever read a Privacy Policy of proprietary software, you notice that there are a tons of words that basically say, “We do what we want with your data, but nothing nefarious, trust us.

Well when the software you are using is open source, that vendor (or in many cases, project maintainer) is held to the fire. There can be major repercussions to lying about data collection, including the entire project being taken down. You may not be the one looking through the code, but there are plenty of people who do, anyone from an enthusiast to an IT person making sure the software meets their organization’s compliance needs.

Another great benefit is the software is usually hosted in more trustworthy places, if you’ve ever searched for “free” software and found yourself with toolbars on your browser and other scammy software popping up out of nowhere, you know exactly what I mean.

How do I get it?

So what do we do if we want to perform a simple task without paying for large commercial software and without getting infected? Instead of searching for free photo editor try searching for “open source photo editor instead. This will generally direct you to a projects release page where you can download this software in all its glory without all those nasty toolbars.

Another great resource I recommend is AlternativeTo, a site that allows you to search for commercial software and gives many user-submitted recommendations for alternatives. There are also a lot of filters that you can search by including which platform you are running on (Windows, Mac, Android) and licensing (like open source).