Ask MetaFilter questions tagged with encryption

Are there any free Mac programs to remove PDF encryption?

raddevon — Sat, 12 Dec 2009 10:39:12 -0800

Are there any free Mac programs to remove PDF encryption? I purchased a PDF book which I would like to transfer to my new Kindle. I have done the transfer, but the Kindle cannot open the book. I assume this is because the book is encrypted. Does anyone know of a free program for the Mac which will remove this encryption?

Need encryption advice!

Rad_Boy — Fri, 20 Nov 2009 09:57:41 -0800

Please help me figure out a way to encrypt a folder on my Windows XP machine, and then back it up on various media. I would like to use one folder on my local drive to store sensitive documents of various types which I can access easily to work on, and save new ones there as easily as possible. These would be mostly pdfs and MS Office documents. (Not that it makes any difference, I am not talking about p0rn here). I would like this folder to be securely encrypted.

Then, I would like to be able to routinely back this folder up as well as other unencrypted folders for safekeeping on my home backup drive and other media such as usb sticks and the cloud.

I have looked at TrueCrypt briefly, and it turns me off because it talks about things I am not familiar with, such as "mounting volumes." However, if it would work well for what I want to do, then I might take the time to learn it. I just cannot be sure it will do what I want by looking at the TrueCrypt website, especially routinely backing up the encrypted drive to other media.

Can anyone help with suggestions?

Thanks!

Please suggest a software to password protect and hide data on Windows 7.

libbrichus — Sun, 25 Oct 2009 01:08:02 -0800

How do I password protect a folder or partition in windows 7 and also not have its contents included in Windows index or Everything. I do not want encryption, only password protection, so please don't suggest Truecrypt. I was using a software called My Lockbox and it does the job well but its contents still get indexed by Windows and Everything. I can exclude its location but is there a software that just password protects the stuff and makes sure the files are not read by indexing softwares even while the folder is unlocked.

I am not looking to hide it from anyone seriously looking for anything who'll run software/Live CDs to access the data. Just want to hide the embarrassing stuff from casual family users.

BitLocker and the battery NomNoms

@homer — Mon, 31 Aug 2009 18:55:36 -0800

How much will BitLocker eat my battery? I've been using BitLocker on my laptop since Vista came out and continue to use it with the Windows 7 RC. In my experience the drive performance with and without BitLocker is about the same. What I don't know is if power usage is the same. I've read everything I can find about BitLocker and anything related to resource usage talks about disk reads and writes and system speed impact and how little impact there is. I can guess that since there is encryption and decryption that my battery life between charges is shortened. What I'd like to know is by how much. Are there any hard numbers from Microsoft or is there any way for me to calculate the extra load and figure out power usage from that?

Need to password protect external hard-drive

heylight — Mon, 31 Aug 2009 12:25:45 -0800

Need to password protect external hard-drive So I have a hard-drive containing my life's creative work and it's rather important to me -- I have the contents backed up on a second external hard-drive, but I would really like to have the contents of both drives password encrypted/protected... so that if they were stolen, no one could access the contents.

What's the best program for this? Free or very cheap would be great.

Thanks!

Will S/MIME keep my email private even from me?

flabdablet — Thu, 13 Aug 2009 04:59:13 -0800

What happens to an S/MIME-encrypted email message when the certificate used to encrypt it expires? If, for example, I've got a bunch of S/MIME encrypted emails stored in a Gmail account that I use via Thunderbird and IMAP, and I have a certificate installed in Thunderbird which expires - do all those messages suddenly become unreadable?

Also: if I install an updated certificate, what happens when somebody I haven't heard from for a while sends me a mail encrypted using the public key from my old (but still not yet expired) certificate?

Let's not give all my data to oppressive governments, okay?

Nothing — Tue, 02 Jun 2009 10:51:10 -0800

How to I compute safely in dangerous places? Looking for advice on hiding data, protecting accounts, and securing connections. (Before I get started, the laptop is a macbook running OS 10.4. I work in development, am doing nothing illegal, just being cautious.)

I will be traveling for work to some places where the government has a reputation for doing some bad things, from monitoring internet usage to confiscating equipment and holding people until they provide passwords. I would like to secure my laptop as much as possible, keeping in mind that encryption is no good when they beat you until you tell them the password.

I have an encrypted VPN to use for network access, and I use gmail for email (not stored on the laptop itself), so between those two things, I expect my email to be pretty safe.

I use skype and google talk for chat, the former with local logging disabled and the latter through the web browser only, so I think that's pretty good.

However, I am also worried about documents on the computer itself. Is it possible to have a hidden encrypted drive? I've seen software that creates a virtual drive by creating a large encrypted file, but this seems like a pretty obvious thing to look for.

Or perhaps there is a way to load a different user account based on the password alone, so that I can load a "clean" desktop when / if asked to turn on the computer for officials? (Without obviously selecting a different account or something.)

I have been reading, mostly centered around this collection of links and comments, but was curious is anyone here on mefi had advice as well.

Hotel Uniform November Tango

itstheclamsname — Fri, 22 May 2009 05:55:14 -0800

I'm creating a scavenger hunt for friends and family, and the first step for participants is to figure out what they're looking for through a series of riddles, codes, and puzzles. I'm looking for fun ways to encode or otherwise obfuscate the clues. The clues (objects or signs the participants must find) are generally single words or short phrases, like "mermaid," "bird decoy," "the words 'great fun'" and "lighthouse." Each one will be the answer to a puzzle of some sort. The teams include both kids and adults, so I'm particularly interested in obfuscation techniques that are fun to figure out and don't require a lot of time or outside resources.

Some ideas I'm using are a rebus, a substitution code, and hiding the clue in a find-a-word puzzle. What other riddling means can I employ?

New Mac Setup

Admiral Haddock — Fri, 17 Apr 2009 09:56:33 -0800

OK, so my new Mac will arrive next week. Can power users fill me in on best practices for setting it up? I've used Macs for a looooong time now, but I think I've really lost touch with how they should be set up. I am currently running off of a first-generation MacBook where everything is set up on a single admin user (without a password--ugh).

So, starting from scratch, I'd like to set this up with an admin user, a user for me, and a guest user with limited privileges (but full access to iTunes and innocuous stuff). I've read the great tutorial on from this post already, but I still have (possibly stupid) questions that I'd love your thoughts on.

1) I presume I'll use migration assistant to get everything I want from the MacBook over to the Mac Pro. Do I set up an administrator first and then add the MacBook account as a new user? Or set up administrator and a new user, and import to the new user account directly? I've never used different accounts before--do you install programs while logged in as the administrator and then set which users have access? Or install as the user (with the admin password)? If you install as a user, can the administrator then share with the other accounts?

2) What about security? This thread has a lot of advice I hope to follow. But a couple other questions: I expect my home directory for the user account will be about 300-500 GB. Is Filevault able to decrypt/encrypt large directories on the fly, or does it get choked up? Does it make more sense just to use encryption on certain subfolders, rather than the whole user directory? If so, what program? Should I be setting up an Open Firmware password? Or is this just overkill?

3) Would it make sense to keep all of my documents on a second drive in one of the extra bays, so that I can yank the personal stuff if I ever have to send in the machine?

4) What about installing Windows? I think I'm assuming I might install it with Bootcamp, but I have an old version of Parallels I might upgrade to the latest and greatest. Is it safer to install Windows on a dedicated drive? How does Windows (either in Boot Camp or in virtualization) play with multiple accounts/security settings?

I'd definitely like to set up the new machine right the first time. Thanks in advance for your input!

Dual boot, single drive, encryption

yoyoceramic — Sun, 12 Apr 2009 12:33:43 -0800

Dual booting Win XP and Win 7 off the same disk... I have already used TrueCrypt to encrypt the primary Win XP Partition. Anything I should know before attempting to do the Win 7 partition? I don't want to mess up any boot loaders. I want to proceed carefully here. I have already encrypted my Windows XP partition (the same partition that has Windows Boot Manager on it), and now I need to encrypt my other partition which contains Windows 7.

Is there anything I need to know before I proceed with this? I am assuming when I am booted into Win7 I just choose the "encrypt partition" option from TC.... I just dont want to mess up the TC boot loader that is already on my system due to the encryption job I made on Win XP.

SSL and compromised networks?

Busoni — Sun, 22 Mar 2009 14:01:55 -0800

Does SSL protect information even if the wi-fi connection is unsecured? Say a person is using an available wi-fi network, the source of which he doesn't know. It could be a generous neighbor, or a honeypot. If the person checks his email and his bank accounts, does it matter that the URLs begin with https://?

If the ethics of this question are problematic, consider the hypothetical case of "duplicated" public wi-fi hotspots, in which a hacker creates a network with a duplicate SSID.

Best way to manage decryption/decompression of iPhone app bundle resources?

avocade — Wed, 04 Mar 2009 14:24:27 -0800

How to best encrypt and compress a folder of html-files in the iPhone app bundle, and unpack on first start? (DRM) My client wants to encrypt/compress the html-code for their medical books inside the iPhone bundle, to protect their IP.

Whats is a good way to prepare this file for the app bundle, and what complementary libraries (C, Obj-C) should I use to do the decryption and decompressing on the first launch of the app?

Copying the file to ~/Documents, then working on it seems like the best solution. Thoughts?

Encryption 101

devilshgrin — Mon, 02 Feb 2009 10:29:06 -0800

Can you point me an easy explanation of encryption technologies? I am working at a job where I am coming more and more in contact with acronyms like SSH, SFTP, SCP, PGP, etc....

Can someone point me to a good and hopefully simple resource for learning more about these terms?

Using physical encrypted disk in a VMWare Server virtual machine?

Ziggy Zaga — Sun, 18 Jan 2009 09:11:16 -0800

VMWare Server 1.0.8 on Ubuntu Linux 8.10 Host: Is it possible to use an encrypted disk on the host machine as a physical disk for a virtual machine? I can't find any information on doing this at all, save for this comment in the VMWare feature suggestion board. It was posted last year and leads me to believe this is not possible. The reason I'm still asking this question is because that info is 1 year old and surely somebody might know a workaround (or a better way to do this).

dm-crypt, cryptsetup and luks were used to set up several encrypted partitions on /dev/sda. I want to be able to mount these partitions on a virtual machine. They work just fine on the host machine.

When I try adding the drive (/dev/sda) or the partitions to the VM via the VMWare interface (even as root), I get permission denied errors ("insufficient permission to access file"). This happens if I don't decrypt the drive beforehand, and it happens when I do (and mount the partitions read-only to the host filesystem). Either way I can't use the entire disk or the individual partitions.

I've tried setting /dev/mapper/(entry) as the physical disk for the machine but VMWare won't recognize /dev/mapper entries as a drive.

I also tried upgrading to VMWare Server 2.0 but that product is laughably bad. I don't know if it will do what I need or not since it is too slow and too buggy for me to even install the VM.

The encrypted disk in question is removable and used on multiple machines, the rest of which are not virtual. So creating a virtual disk for the virtual machine and encrypting that would not work.

Any help would be appreciated. Thanks!

Help Me Secure my USB Drive

Irontom — Thu, 08 Jan 2009 11:20:49 -0800

I have a shiny new 4 GB USB drive, and I want to secure the information on it (bank info, passwords, etc). What's the best (free) way to do this? rushmc asked this question 4 years ago, but that was a very long time ago. I need for the solution to be limited to the usb stick only - I will be using it in multiple environments where I do not have admin rights to the machines I am using.

Online Encryption of Passwords?

snap_dragon — Mon, 05 Jan 2009 11:16:58 -0800

Is there any free or cheap service where I can store all my passwords, uh, online? Is this a reasonable question or am I being foolish? I have all my passwords in a Word document but don't like carrying them on my usb as a)I lose it. Is there such a site for security that I can encrypt this tiny but precious document?

I maed you an encrypted volume but then I losted it.

desjardins — Sat, 27 Dec 2008 12:41:26 -0800

I encrypted a bunch of stuff using TrueCrypt, but I forgot where I put it. Help me find it? Yes, I feel dumb. Three months ago I encrypted a bunch of files so my housesitter couldn't access them. I remember the password, but I don't know where I put the volume. Since you can name it anything, how can I go about finding it again?

Windows XP desktop with 2 internal hard drives. Could be on either one. The volume would be around 10G in size.

Can a drive that is encrypted with software-based full disk encryption be cloned?

Anonymous — Tue, 09 Dec 2008 07:43:47 -0800

Can a drive that is encrypted with software-based full disk encryption be cloned? I have a laptop with a hard drive that is encrypted with software-based full disk encryption (Utimaco SafeGuard Easy), and I want to upgrade to a faster and larger drive. Can the entire drive be cloned without unencrypting the drive? Will I be able to clone to a larger drive? I am not able to remove/modify/reconfigure the encryption software, as it was installed by the IT overlords.

(For extra points, any suggestions for open-source/free cloning software?)

Safe emailing of confidential files?

PatoPata — Wed, 26 Nov 2008 09:55:27 -0800

I occasionally need to email PDFs and Word docs that contain confidential information. My clients claim their email is "secure" and don't see the need for any encryption or any approach other than me emailing them the files. What can I do? They won't accept .zip files, much less a .zip file with a password.

One alternative is to fax the info, but I use web-based faxing, so the PDF goes through a third party before it gets to the recipient. Also, the recipients prefer electronic delivery for some files so the file can be edited on their end.

With the most recent client, I asked if I could upload the files to a secure FTP server and the answer was no.

These are major companies I'm dealing with that supposedly are tech savvy, including government contractors. The files I'm sending include my name, Social Security number, address, bank account info for direct deposit, and similar W-9 type stuff.

I'm on a Mac; the recipients are on PCs. I'm talking about protecting attachments, not the text message in the email itself. Any ideas on (1) how to convince an admin assistant who has no tech knowledge that sending an unprotected PDF or Word doc with this info is a bad idea and (2) how to get her the files in a way she can deal with?

How do I open an encrypted file with program Encrypt-my-Folder?

Seeba — Wed, 12 Nov 2008 21:26:27 -0800

How do I open an encrypted file with Encrypt-my-Folder? I used the program "Encrypt my Folder" to password protect several folders of information. My computer crashed, but I was able to (using a bit-by-bit reconstructive program) get the files back. I know the password to open the files, but when I reinstall the program and enter the password, it just tells me "The Password is Wrong". (It isn't- I kept notes, and have used the same notes to open it for months... this problem has only cropped up since I reinstalled the program. I've tried deleting the program, redownloading, fresh reinstall, to no luck.)

Is there another way to open the "folder" (the encrypted folders show up as a "file"- like a zipped folder does)?

How do I protect my backup drive?

truth1ness — Thu, 30 Oct 2008 13:47:12 -0800

How do I secure my backup hard drive that I copy my computer's content onto? I use SuperDuper on my Mac and copy my whole bootable disk image to a backup drive connected to my computer. Now, my computer is pretty well protected, I have passwords to get into any account and on my screensaver. When logged in as one user, you can't access files in another user's folder.
However, it seems like the weak spot in my security is the hard drive that I back up to. When I access the drive and look at the files, I'm able to get into every folder and see everything and never have to access a password. Someone could take my hard drive and have all my information.
So how to I protect my backup hard drive? Is there a way to password protect its contents, encrypt it somehow, etc? Is it something I would do in SuperDuper or do I need another program? Would turning on Mac's built in FileVault encryption on my computer protect me (I've never used it so I'm not sure how it works)?

Email Encryption

marxchivist — Tue, 14 Oct 2008 09:25:58 -0800

Help in briefly listing E-Mail Encryption options. Is this Wikipedia list of protocols a good start? I give workshops to government agencies on records management and we are increasingly getting people asking about sending confidential information via email. Our answer to that historically has been "don't send confidential information by email." But I'd like to add one slide to our presentation perhaps listing some options or protocols.

For our presentations we keep IT things very, very basic. For example we often say to have reliable electronic records: "make sure your network is secure. Talk to your IT people about this."

What I'm looking for is a list of four or five options and say "Ask your IT people about this." If the person takes that list to their IT person, I don't want us to look like COMPLETE morons. I'm comfortable with the IT person saying "these two things suck" or "they left something out." If I make a list I want to make sure they are the same things: protocols or programs or standards.

I tried googling and seemed to mostly get places selling encryption software. I would probably also add something to the slide like "many off the shelf products available."

If you haven't figured it out, I know almost nothing about this. Looking at this previous question answer, is that basically what it comes down to: PGP vs S/MIME? Also found this question, any answers in there that pop out as particularly useful?

Thank you!

My blog is in leetspeek! Reading it constitutes a breach of the DMCA!

explosion — Tue, 30 Sep 2008 18:57:31 -0800

What is the difference (legal or otherwise) between "decoding" and "decrypting?" I understand that for purposes of making more money and whatnot, the MPAA and RIAA would like "decrypting" their media to be illegal.

What I wonder though, is what is the difference between "decryption" and mere "decoding"? Music is encoded on a CD, and a CD player or computer decodes it back into music, right? So why, when on a DVD, is the movie considered "decryption"?

Is it seriously possible to make something legally "encrypted" just by ROT13ing it, and is there a legal distinction between the two concepts?

Anyone know of a small device with an LCD for securely storing passwords?

paulyballs — Fri, 29 Aug 2008 06:14:49 -0800

Anyone know of a small device with an LCD for securely storing passwords? An executive at my company is looking for a standalone device (not Blackberry password keeper) that he can carry around that will securely store all his passwords. He is looking for a portable password “keeper” with LCD. He is looking to store all his personal passwords, pin #’s, cc info and so on and to be able to view them without a computer present, hence the LCD requirement. Also it needs to be encrypted so if he loses it, no one can access the data. I haven't been able to find anything. Anyone ever heard of such a thing?

Trying Like Hell To Defeat The Purpose Of Encrypting Something In The First Place

ChasFile — Fri, 08 Aug 2008 18:04:28 -0800

How weak is it smart to allow my GPG key passphrase to get? When selecting a passphrase for my GPG key, is it important that it be maximally obfuscated (a random string of alphanumerics and special characters that is $MAX_STRING_LEN long)? Would it be acceptable to use a partially-obfuscated string that's at least memorizable? Would it be considered beyond the pale of idiocy to incorporate a word in the dictionary in the keyphrase?

Ideally, I'd like to be able to type the passphrase in from memory, and (for me) that is easiest done if – while incorporating special chars, numbers, and caps variations – is also at least based on an English word or phrase. Is that erect-a-monument-to-it stupid?