File Encryption And The Cloud

 

Before I get too far, let me just elaborate a little bit on what encryption is.

Think of a regular, everyday safe. You put your important documents or other items in it, then lock it. Now only someone who knows the combination (or has the key) can open it. File (and disk) encryption works pretty much the same way: you encapsulate your data into a single file, or an array of files, with names along the lines of cneu2382865j24. Nobody knows what that is, and nobody can access it without the password.

Now I am assuming you, like many other people in this world, want at least some semblance of privacy, especially for your data. This can include anything from important legal evidence to honeymoon photos. Just things you don’t want others to see in general. The problem is, if you choose the cloud to back up your data, you are in a conundrum. Ed Snowden mentions in his book that they really do look at all those pictures you send to your sweetheart. So how do you keep your data safe from prying eyes?

Switch Cloud Providers

The first option is to use what’s called a Zero Knowledge cloud provider. These providers encrypt your data by default, meaning that garbled name you saw earlier is what they see on their end. You log in with your password, which opens the content to you over a secure connection. You can still share and upload and use apps on your various devices the same way you normally would.

Some providers

Encrypt Your Files With Existing Cloud

The next option is to encrypt your files then put them in the cloud. Now there are a few benefits and drawbacks to this approach and I want to make sure I cover them here. Bear in mind, this is a way to securely store the file, like you lock it away until you need it, not something that is frequently accessed.

A great upside is you get to use the same cloud provider you already pay for. This is huge if you already use a larger part of the service like Office 365 and want to still get use out of your 1TB storage on OneDrive. Even if you use a free service – if your data is small enough you can still store it.

The biggest downside is that you can’t manipulate the data in your cloud provider, though this is expected by design. If you share a link, the recipient gets that same jumbled mess of a name and can’t do anything with it – unless of course you share your password with them. You will also need to be on a platform that can access it, which I will cover in the instructions portion of this post below.

Another thing to be aware of is your storage limits. If you have a paid plan that gives you 1TB of data and you let it expire to a 5GB free plan, and your vault is say, 15GB, you will run into issues trying to sync it. Be sure to set your vault to a reasonable size.

I’m Sold! How Do I Do It?

I’m someone who likes to make things as universal as possible, portable even. I try to think of ways that a calamity might occur in which I am unable to use a service or product in the future, such as a company closing down or some other scenario. I picked VeraCrypt because it’s open source, so even if the maintainer shuts down, you’ll still be able to find it on some public archive site.

So now, download VeraCrypt. Again, just to be forward thinking, save a copy of the installer somewhere (and replace it with the most recent copy when your software updates). There are install options for Windows, Mac and Linux, so you can share your data with just about anyone on any desktop platform.

I’ve set up the following folders to work with as an example, just imagine My Cloud to be the embodiment of whatever cloud storage you use, and adjust your settings to that folder.

Now you want to install VeraCrypt. I’ve gone through this process myself, and for basic storage purposes you can leave all the default values and hit Next.

Once you open the software, you will create your volume, which you can think of as a digital equivalent of a jump drive or external hard drive. It’s portable and you can carry it wherever you want – digitally, that is. Again, the default values are perfectly fine for our purpose. During this process, you will want to pick a location for your volume: browse to your cloud folder and give the volume a name. Use the default encryption options; these are fine.

The next few screens are important though. You will set the size of your volume. This will depend on the size of your data, and you will want to be aware of your cloud storage limit. I’m making the example volume 10MB. Then set your password or passphrase (you are using a password manager, right?).

 

Create Your Volume


Next, be sure to actually mount your volume (this is akin to the act of plugging in your USB drive). I picked letter V for VeraCrypt, but as long as it’s not already taken, you can pick any letter. Then the drive will show up and you can place your documents into it to save them within the encrypted volume.


Don’t forget to dismount when done!

 

 

What Is Open Source?

If you’ve read my previous blog entries, you may have noticed I use the term open source a few times and you may ask, what does that mean? Well the source code of an application or service is the human-readable programming code that makes up the existence of that entity. As opposed to proprietary software, which keeps the code under lock and key within the organization, open source software keeps the programming code in a publicly-visible repository.

What does this mean for me?

While it’s true that the general public is never going to begin to care about being able to see the source code of the software they are using, there are several indirect benefits that the Average Joe can be confident in.

The first benefit is that it’s auditable. If you have ever read the Privacy Policy of proprietary software, you may have noticed that there are tons of words that basically say, “We do what we want with your data, but nothing nefarious, trust us.”

Well when the software you are using is open source, that vendor (or in many cases, project maintainer) is held to the fire. There can be major repercussions to lying about data collection, including the entire project being taken down. You may not be the one looking through the code, but there are plenty of people who do, anyone from an enthusiast to an IT person making sure the software meets their organization’s compliance needs.

Another great benefit is that the software is usually hosted in more trustworthy places. If you’ve ever searched for “free” software and found yourself with toolbars on your browser and other scammy software popping up out of nowhere, you know exactly what I mean.

How do I get it?

So what do we do if we want to perform a simple task without paying for large commercial software and without getting infected? Instead of searching for “free photo editor”, try searching for “open source photo editor”. This will generally direct you to a project’s release page where you can download this software in all its glory without all those nasty toolbars.

Another great resource I recommend is AlternativeTo, a site that allows you to search for commercial software and gives many user-submitted recommendations for alternatives. There are also a lot of filters that you can search by including which platform you are running on (Windows, Mac, Android) and licensing (like open source).

 

Organize Your Email With Delimiters

How many unread messages do you have in your email box right now? If you are like many people, that number has several digits. You may find yourself in a situation that might very well only be resolved by creating an entirely new email – and I know that is not an easy task – I’ve done it a few times (and helped others through the process). Whether you decide to keep on keeping on or start fresh I’m going to give you a great method to help organize the clutter.

Most of the more modern email providers (Gmail, Outlook, Office 365) support a feature that goes by many names (plus addressing, tags, disposable addresses, delimiters). It’s the simple art of extending your existing email address with a tag that identifies the source you are receiving emails from. The best part is you don’t even have to do anything special to enable it (in most cases)!

Note: If it’s not turned on in your 365 tenant, an admin will need to run this command in Exchange Online PowerShell:

Set-OrganizationConfig -AllowPlusAddressInRecipients $true

The downside is – there are some services that for some reason just cannot comprehend the idea that people might actually use this. When you update your favorite sites, make sure you can receive a test email from them before committing fully on a very important site (like a bank). Some mail providers will at least let you create aliases if a site cannot handle tags. And of course while I don’t prefer to use the base email, sometimes I just have no choice.

So now the idea: Let’s say I have an email of Dustin@Gmail.com. If I want to create a special email for Twitter, I would sign up (or change) my email to:

Dustin+Twitter@Gmail.com

Gmail supports plus addressing and Twitter can comprehend plus addressing so there should be no problem in receiving this mail to my inbox.

This one example by itself isn’t very impressive of course, but what if we consistently do this for various sites? What if we subscribe to several newsletter sites that we don’t want cluttering our mailbox but we still want the content of those newsletters?

Dustin+Newsletter@Gmail.com

Or:

Dustin+MagazineSiteName@Gmail.com

And now we create a folder under our Inbox called Newsletters and create a rule (unless you opt for RSS feeds). The way rules are handled varies by mail provider, but essentially the outcome we want is:

IF: TO= Dustin+Newsletter@Gmail.com;
THEN: Move to Folder= Newsletters

Now we have a nice little folder where all these newsletters automatically get placed. We can browse them at our leisure and when we need to view important information at a glance, they aren’t in the way. This can apply to any number of scenarios:

+Bank1
+CreditCard2
+Spam
+Auto
+Amazon
+Bills
+Receipts

And the list goes on. Create rules for all of these, flag Bills as important as soon as it comes in, automatically move Spam to your Junk folder. The possibilities are endless! At this point your mailbox is basically cleaning itself. Not only can you create tons of rules, but it makes searching for the content you need so much faster:

Search: "Best Buy Receipts"

Since you know you gave the +Receipts address to use for your emailed invoices, the search will return more focused results.

This methodology is also great at protecting your accounts from vulnerabilities. If Twitter were to become compromised, attackers would have my email and password, BUT that email is not my real email, and that password was generated by my password manager. Most attacks are generally automated and a list of compromised accounts is spammed at a site, so that information is basically useless for trying to gain access to really anything else, much less the more important accounts.
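The rule logic and the per-site tagging described above, as an added Python example that is not part of the original post: it pulls the tag out of the recipient address, picks the folder, and flags mail that arrives on a single-service tag from a different sender. The folder names, the expected-sender table and the sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# Mailbox from the article; Gmail treats the local part case-insensitively.
BASE_LOCAL, BASE_DOMAIN = "dustin", "gmail.com"

# Tag -> folder rules. Tags come from the article; folder names are assumptions.
RULES = {"newsletter": "Newsletters", "receipts": "Receipts",
         "bills": "Bills", "spam": "Junk"}

# Tag -> sender domains the tagged address was given to (assumed for this example).
EXPECTED_SENDERS = {"twitter": {"twitter.com"}}


def extract_tag(address):
    """Return the tag of BASE+tag@domain, "" for the bare mailbox, None if not ours."""
    local, _, domain = address.rpartition("@")
    base, plus, tag = local.partition("+")
    if domain.lower() != BASE_DOMAIN or base.lower() != BASE_LOCAL:
        return None
    return tag.lower() if plus else ""


def sender_allowed(sender_domain, allowed):
    """True if the sender domain is an allowed domain or a subdomain of one."""
    return any(sender_domain == d or sender_domain.endswith("." + d) for d in allowed)


def classify(raw_message):
    """Apply the IF TO=... THEN move rule; flag a tag used by an unexpected sender."""
    msg = message_from_string(raw_message)
    rcpt_headers = (msg.get_all("To", []) + msg.get_all("Cc", [])
                    + msg.get_all("Delivered-To", []))
    tags = [extract_tag(addr) for _, addr in getaddresses(rcpt_headers)]
    tag = next((t for t in tags if t), "")  # first non-empty tag addressed to us
    senders = getaddresses(msg.get_all("From", []))
    sender_domain = senders[0][1].rpartition("@")[2].lower() if senders else ""
    allowed = EXPECTED_SENDERS.get(tag)
    return {
        "tag": tag,
        "folder": RULES.get(tag, "Inbox"),
        # Only tags handed to a single service can be audited this way.
        "leak_suspected": allowed is not None
                          and not sender_allowed(sender_domain, allowed),
    }


# Constructed sample messages (not real mail).
SAMPLES = [
    "From: Weekly Digest <news@magazine.example>\n"
    "To: Dustin+Newsletter@Gmail.com\nSubject: Issue 12\n\nHello",
    "From: Twitter <notify@mail.twitter.com>\n"
    "To: dustin+twitter@gmail.com\nSubject: New login\n\nHello",
    "From: Deals <promo@bulk-offers.example>\n"
    "To: Dustin+Twitter@Gmail.com\nSubject: You won\n\nHello",
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(classify(raw))
```

A tag works as a label for where an address was handed out, not as a secret: the base mailbox can still be read from the tagged address.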

Words Of Wisdom

You may just decide your current mess is too far from redemption. I’ve seen many people finally go through all the trouble of creating a new account, and then set up a universal forward for all their old mail. Don’t do this. This is precisely what will cause your 9999+ emails to appear in your fresh new account. You may be in the moment with your new address and be adamant about unsubscribing and cleaning things up as they come in, but this will wear off and that new car smell will go away.

Update all your important accounts with your new address (with tags if possible), and forget about the rest for now. There is nothing stopping you from checking in on your old account from time to time – possibly creating rules from SPECIFIC senders to forward (with tags) to your new address. You can always go in later and update destination emails to those less important sites as time permits.

Which Computer Is The Best?

Being in the technology industry, I’ve often been asked for recommendations on various types of electronics – from PCs to tablets to Blu-ray players. Sometimes I’m just asked what computer I buy because it must be the best. Before I give my own opinions, I’d like to take a step back and review a few facts.

Setting Standards

First, all electronics are made from the same components – more or less. You have to expect that it’s not going to last forever, and it will more than likely fail at a very inopportune time – see my post on data backup to make this less painful. Any computer component can fail at any time and you won’t magically find that one model that is guaranteed to never die.

Second, we have to consider the risk/revenue ratio for the vendor. If you purchase your PC new, every vendor has to comply with the legally required one year warranty. They CAN however, set the terms of that warranty and in some cases it just barely qualifies. Nobody likes sending their laptop out for three-week shipping, only to have some random part replaced that was just lying around as a “known-good” part, then sending back over another three-week shipping label. Unfortunately, this happens more often than not.

Also note, the “extended warranty” or “protection plan” that is usually offered with purchase from Best Buy, Walmart or others is through the retailer – NOT the vendor. Since it’s all too common that the exact scenario above is how your warranty is handled, I typically recommend getting the retailer plan if feasible. The even better option, though, would be one of the expedited support plans you get by purchasing directly from the vendor.

Business Computers

Now the contrast to the scenario above is to go for business computers. A lot of the big names like Dell, Lenovo, HP, etc. have nice profitable contracts with a lot of enterprise-level customers and those customers buy A LOT of computers from them. They also usually purchase some sort of support plan that includes next-day on-site repair for the machine – because you know, the CEO can’t be bothered to send off his laptop for a month.

Now let’s think about that for a second. Not only does the expedited shipping of the part cost some money but they also have to pay for the technician’s time to repair the machine. That is a significantly higher cost than the scenario that involves shipping to the depot and back. As you might imagine, there is typically a lot better quality control over the machines that tend to ship out with these support plans than not. This is by no means a solid algorithm for purchasing, but it is something I usually take into consideration.

Here are just a few for you to look at:

Gaming Computers

Support-wise, all of the above have gaming options. If you are a student that also likes to play games, it may be in your best interest to slap on that next-day support plan on whichever one you like. Other popular options include MSI and Razer, or you can check out a specialty vendor like Xotic or Origin.

Apple Computers

Okay, I have to mention these because you know I’ll be approached by those people who are basically Apple evangelists. I have owned a MacBook Pro in the past and I can say they are nice computers of very good quality.

However, you really have to think about what you are doing with your machine before deciding to jump on the hype train. Apple computers are very good design machines, have fairly powerful hardware, and are essential if you are developing iPhone apps. They do not integrate well with primarily Microsoft environments, at least without some work.

Chromebooks and Linux Computers

Chromebooks and Linux computers are commonly found in schools in this day and age and there is a market for them with people who do not use their computer for much more than web browsing. They can be powerful development machines too though, again – know your use.

In addition to many of the same big names selling Chromebooks and having the ability to install Linux on just about any of them (yes, including the MacBook), I also want to plug two vendors that specifically sell Linux laptops, though if you want you can still install Windows on them:

Conclusion

So you see, I don’t really have a brand that I recommend, because there is no real difference as they all have budget and premium options. Some people have anecdotal experiences with certain brands, and they have the right to their opinion on the matter. What is more important to me is that I like the look and feel of the machine that I’m spending my money on. I have to have a keyboard that isn’t a chore to type on. For these reasons, I tend to gravitate toward the Lenovo ThinkPad T series or Dell Latitude 5000 or 7000 series (though I have certainly looked at the XPS), but I’m not married to either of them.

In the end though – my best advice is to shop around and if possible, take the machine for a test run. Most local retailers are going to have their inventory on display and you have to be happy with a device that you are going to be relying so much on. It has to be comfortable in relation to the amount of time you are going to spend using it. So I say go on in, browse Reddit or your favorite news site, Youtube or any website you don’t have to log into (remember, it’s a public machine). Open up a word processor and pretend to type out a very important email. Just be satisfied with it before you purchase. You might even get lucky and get a discount on the display model if inventory is out – just be sure to sanitize it properly. Many larger online retailers also have good return policies so that might be worth considering before your eventual purchase.

 

You Need A Password Manager

You may have heard of these newfangled things called password managers. Yes the hype is real and you don’t have to put everything in a notebook, spreadsheet, or array of sticky notes – which may or may not be subject to a horrific death in the event of a natural catastrophe. There is also something to be said for using the same passwords over and over or using easy to break passwords with some variant. Is your password on this list?

But which one to choose? There are plenty out there but the two I’m going to discuss today are Bitwarden and 1Password – mostly due to the fact that they are built on open source and are zero-knowledge (the data is encrypted in transit so they can’t actually see your content). Bitwarden has a free tier versus 1Password which has a two-week trial. They are both going to have browser plugins, mobile apps and desktop applications to make filling in information super easy. If you use a spreadsheet currently, it will likely be super simple to re-format it a bit for import. Post-Its are going to take a bit more time.

You can use it on your own or upgrade to a family/team account. Bitwarden uses Collections, whereas 1Password uses Vaults. The two work pretty much the same way in that you create an object and grant certain members of the account permissions.

To break it down, here would be a good example of how a family account might be managed:

  • Personal Vault – This is independent to each user and only visible by them.
  • Shared Family Vault – This might have universally shared items such as wifi passwords, streaming accounts, etc.
  • Shared Parents Vault – This has items that should be shared with parents and not the kiddos, such as bank logins.
  • Work Vault – The various logins to your portals for work, nice and tidy and separated from your other content.

I personally like the way 1Password makes the vaults appear more independent from each other so that was the route I went and have been using it for several years at this point. Bitwarden’s collections fundamentally function the same way, they just appear as another root folder. You would delegate access using the same concepts as above.

Of course, my goal here isn’t to sell you on a particular brand of password manager; what’s much more important is that you use one, period. The two I discuss are the ones that I have more experience with, so I can elaborate more on how they function. Other popular password managers include: Dashlane, LastPass, RoboForm.

Words Of Wisdom

If your master password in the manager is easy to break into, you’ve not really done any good. Instead of using a password for your password manager’s master password, I recommend using a passphrase which, as you may have guessed, is a phrase rather than a word. This makes it exponentially harder to break into and will more likely be easier to remember. Hear me out – instead of trying to remember 53!P@ssw0rd$@@ which is not very strong, try remembering Somebody once told me, the world is gonna roll me! I’m sure you heard that song in your head just now – and it’s WAY more secure and more fun to type! You can see how difficult your passwords are here, so go ahead and test your current ultra-complex password against your favorite song verse or movie line.

Just remember it because zero-knowledge means they can’t get you back into your account! Be sure to write it or print it out and put it somewhere actually safe, like a safe. I know, writing passwords is a known bad idea but you should have this one accessible in case you do forget it, just be sure it is somewhere that is difficult or impossible to access by others. 1Password has a fancy Emergency Kit but simply writing it will do.

But regardless of which route you take, just take a route. In the words of Shia LaBeouf, DO IT!