Introduction to securing personal data
About this Workbook
This self-contained workbook has been created from a wider guide Basic Internet Security - http://flossmanuals.net/basic-internet-security/
The manual was a direct response to a workshop given by Greenhost. The workshop made clear that journalists face many problems with regard to security. This manual therefore addresses the concerns and needs expressed in that workshop. However, the manual provides information on different layers of protection and therefore is valuable for other audiences as well.
As such part of the guide are being reused as workbooks which can help as guides for course materials, self-study, handouts or plans for events like cryptoparties.
About securing personal data
You may find it necessary or perhaps re-assuring to encrypt some data on your computer. Hard drives are not very well protected by the Operating Systems password mechanism - it is pretty easy to remove a hard disk from a laptop and access it from another computer, similar to how you would access any hard disk you use for back-up or storage. So if you want to avoid this possibility you should encrypt the data on your hard disk or, better still, encrypt your entire hard disk.
You can also take this protection another level and encrypt the data and store it on another device like a USB stick or small hard disk. This means the data can also be very easily physically hidden and its also very portable. If you want to be really really sneaky you can also create hidden encrypted volumes which means if someone accesses your hard disk they must know quite a bit about computers to know how to find it - of course if you have the software installed to do this kind of thing that might not look so friendly to someone prepared to go to these measures.
'Encrypting your data' like this means locking away your data in a very secure 'container'. If you do not know the passwords then that data will look like a mess of letters, numbers and other characters. If you know the password you can easily open and access the files.
We will look mainly at TrueCrypt - a free/open source solution to this issue. TrueCrypt is a very nice software that can be used on MaxOSX, Linux or Windows for establishing and maintaining an on-the-fly-encrypted container ('volume'). On-the-fly encryption means that your data is encrypted when you save it and then also de-crypted when you open (access) it without you needing to do anything. You can continue to use your computer like you normally would - you can drag and drop files to an encrypting data etc. When you turn off the computer the data is encrypted automatically - the same thing happens if your computer's power supply is interrupted or if the disk is removed from your computer. The only way to access the data is to start your computer in the normal fashion and entering the necessary passwords. It's actually pretty easy to use and in a sensible world all data would be stored in this fashion. The only issue you really need to consider is that the data is not encrypted automatically if you put your machine 'to sleep'. If you want this type of security you need to get used to waiting a while and do a real shutdown of your computer and a real start-up each time you you use it. This is not the way people are usually working with laptops but this little extra attention and pause for a few moments is a small price to pay for good data security.