Monday, February 19, 2024

Encryption 101 - Part 1 (A Beginner's Guide)

By Tim Gamble
--The following information is specifically for Windows systems-- 

You know, or at least have heard, that you should protect your information. You may have even heard the word "encryption." But, what exactly is encryption? And how do you do it? Do you need awesome tech skills or expensive software? This article will quickly give you a basic understanding of encryption and what you may need to encrypt, as well as reveal (in part 2) an easy and free way even non-techies can use encryption. 

What is encryption? Very simply, encryption is a way to "scramble" information stored on your computer, laptop, USB key (memory stick), or other electronic device so that no one without the encryption password can read it.  So, if someone steals your laptop or you lose your USB key, no one can read the sensitive files that are encrypted on it, even if they otherwise can get into your device. There are several different methods and standards for encryption, but there is no need to understand the technical specifications in order to use encryption.

What needs to be encrypted?  How much of your information you decide to encrypt is up to you. I personally only encrypt personal information of a sensitive nature - tax and financial records, business records, insurance information, medical information, my master list of passwords and pin numbers, contact lists, back-up copies of important documents such as birth certificates, CC permits, deeds, titles, driver's licenses and passports. I also encrypt certain "prepper" information that might reveal aspects of my prepping that I don't want to be public knowledge, such as planned bug-out locations, or guns and ammo, food storage and medical supply lists, among others. 

I see no need to encrypt my music and video files, photos, or even most of the prepper-type videos, articles, and eBooks I've downloaded over the years. In fact, less than 15% of my computer files are encrypted. I only bother encrypting truly sensitive information. 

Why encrypt important information? Privacy is important. ID theft has become a $20 billion a year industry in the United States. Then there is the government, public schools, Big Tech, large corporations, political and social activists, snooping employers, and even nosy neighbors that want to know everything about you, even (especially) the stuff that is absolutely none of their business. Preppers and survivalists also should be concerned about operational security. There are lots of legitimate reason to protect your data. The idea that only "bad people" need to worry about privacy is a stunningly ignorant opinion. 

Are there drawbacks to encryption? There is one, and its potentially a huge drawback. If you forget or lose your password, there is no way to recover it. No one will be able to send you a link to change your password. Even the encryption software company or your favorite IT guy will not be able to recover or change it for you. If you cannot figure out your password, you will be locked out of your encrypted data forever.

Also, its worth noting that the encryption is only as strong as your password. Don't use an obvious or easy-to-guess password, such as your mother's or wife's maiden name, your dog's name, your social security number, or even "password." Many security experts now suggest using a random sentence as your password, such as "IhatepurpleeggssaidSam" (that one is "I hate purple eggs said Sam" without the spaces) - make it something that you'll remember but no one else is likely to ever guess.

Does the Government (FBI, NSA, etc) have the ability to break encryption? This is a controversial question, and opinions vary widely. At the very least, it is not quick or easy for the government to break into encrypted data. Even at the highest levels, it would take considerable time and resources, and even then it may not be possible. However, I personally assume that with their technical expertise, access to supercomputers, and other resources, the government would be able to eventually break any encryption if they were determined enough to do so. 

"Determined enough" means willing to devote a considerable amount of time, manpower, and other resources. They do not care enough about your list of prepper supplies or bug-out locations to devote such effort to your data. They would need a real reason to go after your data to such an extent.     

Does the Government (FBI, NSA, etc) the legal right break into my encrypted data? Can they force me to reveal my password? Constitutionally, no. In the USA, they would need a warrant, obtained only after showing just cause, to go after your data. And even then, they would not be able to force you to cooperate (5th amendment means they cannot force you to incriminate yourself). However, in recent years, we have seen the government and even the Court system itself ignore the Constitution when it is convenient for them to do so. Most other countries do not even have similar 5th amendment protections, and folks in those countries may be jailed for refusing to reveal a password. 
Please subscribe to Dystopian Survival using the Follow By Email field at the bottom of the right hand column.
AD: I use and highly recommend GorillaDrive USB Flash Drives. They are designed to be pressure / impact resistant (up to 250 psi), heat resistant (up to 225 degrees F), and water resistant (up to 65 feet). Although they list freeze resistance at 32 degrees F, one of mine did survive outside overnight in below freezing weather (mid 20s), when I accidentally left it on top of my vehicle. I've been using Gorilla Drives for 10 years and have never had one fail.

No comments:

Post a Comment

Comments are posted without moderation. Use caution when following links, and beware of SPAM and fake links. Please keep discussions civil and on-topic.