Encryption and You [infosec.201.2]

by | Jul 15, 2022 | 1 comment

What is encryption?

Encryption refers to the practice of securing information with a “key” so that anyone without the key can’t read it. A text file on your Macbook with your unpublished novel you’ll finish any day now can be read by anyone with physical access to your device without encryption. With encryption, it’s scrambled up into nonsense and only turns back into a readable format when you enter your login password (the key).

Here’s another example of encryption at work you use every day: when you connect to this website, the browser and web server exchange a pair of keys to encrypt the connection. This way, someone on your Wifi network snooping in on what your computer says to your modem can’t tell what score you got on the following quiz — the data is encrypted, and the snoop doesn’t have the key – they just see nonsense data.

Encryption doesn’t refer to a specific technology. It’s a process and some implementations of that process are better than others. Implementations are never perfect, and they can be defeated by very sophisticated attackers. Encryption is easy to use in most cases and will repel many basic tools and ametur hackers. With this in mind, you should encrypt your phone, tablet, desktop, laptop, and any other device that supports it.

What does encryption do for me?

What does all this mean? Before encryption, if you went on a plane and checked your bag, anyone from the TSA can start reading the documents and files on your computer in a few minutes. Especially with many Windows computers, it’s trivial to take the hard drive out and plug it into another computer and start reading the content.

If your laptop’s hard drive is encrypted, however, you can’t read what’s on it. The attacker can make a copy of your hard drive, but they can’t read what’s on it until they break the encryption, either through advanced hacking techniques or cracking the password. Modern devices like Macbooks and Surface devices come with special hardware to make decrypting a hard drive after taking it out of the machine even harder.

How to: Encrypt your device data

Let’s get hands-on and make sure all of your phones, laptops, and desktops are encrypted. Do not change settings on devices owned by someone else, like your employer.

  • Modern iOS devices are encrypted automatically, but you can make sure by setting a 6 digit PIN in addition to any biometric authentication options, like fingerprint or face unlock. A 6 digit PIN takes longer to crack than a 4 digit PIN (cracking is when a computer guesses lots of passwords at once trying to find the right one).
  • Most Android devices are encrypted by default. As with iPhones and other devices ensure you have a six (or more) digit PIN in addition to any biometric authentication options, like fingerprint or face unlock.
  • Modern macOS computers are also encrypted by default but you should take one additional step to make it more secure. Go to Settings > Security and privacy > FileVault to see your encryption settings and ensure the computer requires your login password to decrypt your data. Backup your key wherever you will keep it safest — iCloud is a good bet, just make sure your iCloud phone number, password, and devices list are up to date and secure.
  • Microsoft Windows users are not so lucky. Your computer may support automatic encryption if it shipped with Windows 11, and it might apply the encryption on update. You can check under Windows 11’s Settings > Update and Security > Device encryption menu. If you don’t see an encryption menu item, your laptop isn’t encrypted. You can turn on BitLocker manually on most versions of Windows to encrypt your drives on your own, but if you aren’t a tech-savvy person you may not want to do this. If you do, please be careful and triple-check that you’ve backed up your Bitlocker Recovery Key – it’s very easy to lose all of your data! If you want to buy a new Windows machine without these issues, look at Microsoft branded devices like the Surface line.

Conclusion

Now that your devices are encrypted, let’s move on to the next major part of Block 2 — password managers.

The above content is part of a course on socialism.tools. If you login, you’ll see quizzes and links to other lessons in the course.