Every year on January 28, we celebrate the international event of Data Privacy Day. The purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices.
Privacy is a human right. Many people confuse privacy with secrecy and anonymity. While privacy is a human right, anonymity is a choice. Anonymity is one of choices made possible with privacy.
I’m very careful about my privacy and I take it very seriously while I’m not an anonymous person. I don’t have anything to hide, except for my personal data, but I’m still very cautious about privacy. Privacy is like free speech. I respect my right even if I have nothing to say, or hide.
As Data Privacy Day is about raising awareness about best practices of it, I decided to write a note about one of the ways I keep my personal files secure through encryption.
I don’t have a lot of accounts online but for those I have, I always enable two-factor authentication and I keep backup/recovery codes so I will have access to my accounts if I get my authentication program lost, I will still have access to my accounts.
Also, I have a backup of my 2FA authentication database and some other files such as my PGP and SSH keys. All these files need to be stored securely encrypted somewhere out of my phone and personal computer.
I have four options to store these files.
- Encrypting files with GPG/PGP
- Encrypting files with AES
- Keeping them in an encrypted ZIP archive
- Keeping them in an encrypted hard drive
I need to be able to decrypt and access my files everywhere, without compromising my security. This will allow me to recover my files even if I lose all my devices and computers.
One software I know I have everywhere and/or is easy to access is GNU Privacy Guard (GPG). GPG is a complete and free implementation of the OpenPGP standard and is widely being used.
So GPG is a wondeful choice. However, AES (Advanced Encryption Standard) is also a very good encryption standard and is very strong. Many websites, such as mine, use HTTPS (Hypertext Transfer Protocol Secure) which is basically AES and is very secure.
So I also should consider that. One way of using AES for encryption is to use a proprietary program which I refuse to use. Another way is to use OpenSSL which is a software library for applications that secures communications over computer networks against eavesdropping or need to identify the party at the other end.
OpenSSL is good but can be complicated sometimes. I really don’t want to use my computer’s terminal that much every time I want to encrypt a file so I think I say with GPG for now.
Another way to use AES is to store my files in an encrypted ZIP archive using a program that uses AES for encrypting archives. I think 7-Zip is one. That is actually great. I can store all files in an archive and still have them encrypted.
However, the problem with that is that I can’t have 7-Zip everywhere and I don’t want to decrypt all my backup files/databases when I only need one. So I stay with GPG.
The last option I have in mind is to keep my files plain (unencrypted) but in an encrypted hard drive, which is pretty secure and good but my paranoid brain doesn’t let me do it; I still don’t know why.
So I chose to encrypt my files and store them in an encrypted hard drive. Then get a backup of that hard drive and store it in another hard drive and place it somewhere else, other than my first backup/secure drive.
When I need to add another file to my drives, I encrypt that file with GPG and then mount my first drive, add it to the hard drive and then again take a backup of that hard drive, encrypt it, and place the hard drive backup file in my second drive.
All this process takes about 5 minutes. It’s very easy to do and requires very little computer knowledge. Actually, there’s also plugins and programs with graphical user interface so I/you can easily do it with few clicks.
I don’t want to get in the technical part or type the commands or explain where you should click as you can easily learn all these with a simple web search or just read manuals of programs I mentioned. A simple “how to encrypt files with GPG” search will teach you a lot.
I highly encourage you to start taking steps for your privacy. A simple step to start with is to encrypt your files. I can help you if you need assistant. Many people in cypherpunk community will help you.