Encrypting your files on Internet

hishadow

Level N+1
Joined
March 30, 2008
Messages
1,163
Location
Scandinavia
A quick guide for storing your files safely on the Internet. Right now I only know of one file-service that this works with but feel free to add more (or suggestions to this guide).

First you'll need to sign up for a service. I've used www.dropbox.com since they support differential updates. This is necessary when storing large files since only changes to the file will be uploaded instad of the whole file.

Next you'll need to download Truecrypt from www.truecrypt.org. When running, choose 'Create Volume', 'Create an encrypted file container', 'Standard Truecrypt volume', and store the file in your Dropbox folder. For encryption options you can use 'AES-Twofish-Serpent' as encryption algorithm, and 'Whirlpool' as hash algorithm. When setting the size of the volume, choose something low like 500MB - 1GB. Next, when setting the password I recommend enabling 'Use keyfiles'. This is a 512 character long password stored as a file. It can be combined with an ordinary password. If you select 'Keyfiles' you can let Truecrypt generate this file for you with 'Generate Random Keyfile', then add this keyfile to this volume's keyfiles. Finally, when the volume is formated it is ready for use.

Find an available drive-letter and click 'Select file' and select the volume you created, then click 'Mount'. Enter the password and add the keyfile. You can then save to the encrypted volume from the drive-letter you chose. When your done copying files, choose 'Dismount All' in Truecrypt. After some seconds, your Dropbox software will synchronize the updated encrypted volume back to their servers.

Note: Remember to save a copy of the keyfile to an USB drive in addition to storing it on your local computer.
 
Last edited:
Joined
Mar 30, 2008
Messages
1,163
Location
Scandinavia
Thanks for this, nice to know.

On the other hand, I don't have any data I'd desperately want to hide from someone... Okay, credit card data is there, but then again it's travelling under SSL so no need for something else.
 
Joined
Apr 12, 2009
Messages
23,459
Okay, credit card data is there, but then again it's travelling under SSL so no need for something else.
Say, if Dropbox had a security breach you wouldn't be affected. You files, containing for example your financials and passwords, would still be safe.
 
Joined
Mar 30, 2008
Messages
1,163
Location
Scandinavia
Yea, but the problem is that the only password I perhaps need to hide is the one for my e-mail, still I can reset that one too over my phone.
Financial data... I'm not avoiding tax paying, I'm not (yet ;)) into drugs, smuggling or money laundrying and honestly have nothing to hide there.

I could perhaps use it to encrypt pr0n videos. :)
 
Joined
Apr 12, 2009
Messages
23,459
Now that's a valid point. :)
 
Joined
Apr 12, 2009
Messages
23,459
I'm not so much worried about government spying as corporation and criminal spying, really. I don't put files out on the internet that I don't want everyone to see, though, so no worries there.

Whatever happened to using encryption in emails? Even back in the 90's, companies were starting to put hooks into PGP to strongly encrypt email and sign emails. It was still something of a pain but I would have expected it to be smooth as silk by now... but it's barely being used at all! What happened!? The signature feature alone seems ridiculously handy to me to ward off fake from addresses.
 
Joined
Aug 3, 2008
Messages
8,238
Location
Kansas City
There isn't yet a good way of distributing certificates for emails. The whole process of setting up your certificate is very cryptic and you'd need a set of reliable providers to offer storage and lookup of the public part of certificates. Another problem is storage of the private half of your certificate.
 
Joined
Mar 30, 2008
Messages
1,163
Location
Scandinavia
That doesn't sound all that hard. The ISP (or whoever is providing your email) could store the public key and provide it to anyone who wants the public key for that email address. They're only about 1k long, it's not like that would be a horrible bandwidth drain. As for the private key, that would just be on the user's PC(s) as part of their user profile for their email program - same as all those other things you can put into your profile. You'll have to copy it from one program to another but that's not so hard.

This would hardly be foolproof but it seems like it would be much better than we have now.
 
Joined
Aug 3, 2008
Messages
8,238
Location
Kansas City
Back
Top Bottom