18 May, 2017

Encrypt Your Private Files And Stay Relaxed even after Breach in your System - A basic Introduction to Encryption

Posted by Sahil Goyal
Encrypt Everything (E^2) is fundamentally about your privacy. We have come to expect personal privacy in many areas of life. We expect what we do within our own homes to be private from others. We expect our mail to get to its sender without being opened and read by other people. We expect banks to keep our financial records private.

encrypt your personal files

However online it seems our expectations of privacy are suddenly much lower than in the offline world. Companies expect us to give them plenty information about ourselves for the 'privilige' of doing business with them. Or even just to look at their sale flyers. At the same time other online businesses are teaching us to give away every little detail of our lives for the sake of 'staying connected' in 'social media'.

Read Also: Play with Siri

There are few laws protecting the transfer of this data between organizations or it's collection by both private and government organizations. The Post Office is legally bound from reading your mail, but there is no equivilant prohibitions from reading your email.

In order to reaffirm the right to personal privacy in the 21st century E^2 aims to provide a series of guides both to personal behaviour and to software usage that can begin to reclaim privacy in the 'digital age'.

How To Act Online

Our guides start out with some advice on online behaviour. This is because ultimately no amount of software can give you privacy if you end up giving away all of your information to start with. Ultimately it is up to you to decide what information to keep private and what information your willing to give away. So you do not have to follow these guides in every detail, but rather the idea is to make you think a bit more about how much you value a piece of personal information and not just automatically give whatever is asked for.

Read Also: iPhone 8 Design Leaks

Some may think that some of these guides seem to be more about computer and network security then about privacy. This is because these two ideas are closely related in the 'digital realm'. One cannot have privacy without security. (Although the reverse isn't necessarly true.) Thus your system should be secure if you also want it to be private. Thus, for example, we have advice on choosing passwords.

What is Encryption?

The name 'Encrypt Everything' comes from one of the most basic ways to improve your online privacy: encryption. Encryption is a method of turning readable data into unreadable data. The unreadable data can be turned back into the original readable data through decryption, which can only be done by those in possession of of a key.

Encryption allows for the transmission of data - any form of data, be it text or audio or images or video or anything else - in a secure and private manner so that, ideally, only those intended to receive and view the data can do so. You can think of encryption as an 'envalope' you put your data inside so that nobody can read it until the envolope is opened. [1](Those who understand encryption may object to this anology, but it does at least get the idea across.)

To give a better idea of how encryption works let's give a simple example. First you generate a key. Let's start with the alphabet:A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

You could replace every letter with it's corresponding number (plus adding an extra number for spaces): A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
This letter-to-number correspondence is our simple 'encryption key'. Now, you have a message:the quick brown fox jumps over the lazy dog.

Using our encryption key that becomes:2008052717210311270218151427061524271021131619271522051827200805271201262527041507
If someone didn't have your encryption key they can't read your message. But someone with your key could use it to reassemble the original meaning.

Now of course with a simple encryption system like this it would be possible for someone to guess what your encryption system & key is. And a computer could do so trivially. So this isn't a very good encryption system. However this is a problem for all encryption systems. You can look for underlying pattrens and use those to try and reverse the encryption even if you don't posses the key used. Actual encryption systems used by the software & network systems highlighted by E^2 are much more complex. They use randomly generated keys of great length that are harder to guess. And they add junk data to confuse attempts at decryption.

But the basic idea of encryption in all cases is the same: you transform your message into something else and someone else who knows the system & key you used can use that to transform the data back into the unencrypted message.

Encryption Uses

You probably already use some encryption without realizing it. When you shop online most online stores will create a Secure Connection when your entering your credit card and delivery information. By using encryption here online stores minimize the risk that someone else can intercept your credit card & personal information and use it for nefarious purposes.

However most internet traffic is currently unencrypted. When you send a regular email anyone with access to your email server or the email server of the recipient or any of the email servers the messages passes through in between could intercept and read your message. E^2 aims to change that by making people aware of the options avaliable to them to encrypt more of their communications through easy-to-follow step-by-step guides.

The Bad Side of Encryption

However it should perhaps be noted that not all encryption is good. Companies have been increasingly be utilizing forms of encryption to keep people from using their own computers the way they want to. 'Digital Rights Management' or DRM (also called 'Trusted Computing' or 'Technological Protection Measures' or 'TMP') is a means of restricting what you can do with your music and video files. By using encryption keys stored in partitioned off areas of hardware or software DRM systems lock you out of your own files. DRM isn't about managing *your* right but rather protecting corporate 'rights' to control what you do.

Encryption Is Not a Crime!

The common refrain brought up when someone suggests increasing the scope of personal privacy - or even just defending the status quo against attempts to reduce that scope (such as the current Bill C-30 in Canada) is, of course, 'but why insist on privacy if you have nothing to hide?'

Firstly privacy is an inherent right. It does not need justification any more than 'free speech' requires justification. The Supreme Court of Canada has recognized Section 8 of the Charter of Rights and Freedoms as providing protection for personal privacy. This right is also recognized in the United Nations International Covenant on Civil and Political Rights.

Second, a lot of us do have things we want hidden. But that doesn't mean illegal activity. It could just be socially unacceptable. (Maybe you like dancing to the radio in the nude.) Or it may be socially acceptable among friends but not socially acceptable at work. (Like getting drunk and telling explicit jokes.) Or maybe you just got pregnant and don't want your parents/friends/new employer to know just yet.) Or it may be something we're working on and don't want to show to others until it is complete.

Hopefully you get the idea that privacy can be a good thing and why we here at E^2 are trying to promote it.


Post a Comment

Note: Only a member of this blog may post a comment.