Tech Sense: Free Gifts for the Privacy Minded By John Bell
Free Gifts for the Privacy Minded
The holiday season is upon us as we work, play, shop, and go to school online. For many of us hours and jobs have been cut making Christmas shopping a challenge. I thought I might try and help by creating a list of free software gifts that should be appreciated by anyone who wants to protect their privacy.
You know that guy who writes “Tech Sense” for The Beltsville News keeps telling you that you need long passwords that are hard to crack and must be different for each site and must be changed regularly? Yeah, you ask, but how am I supposed to remember all of those passwords? Try KeePass (https://keypass.info). KeePass is a free and open-source password manager that securely stores all of your passwords in one place where they are locked and protected in a secure database behind a primary key. Now you only need to remember one strong password. Because KeePass is open source; anybody can examine the code to make certain it is secure. KeePass will even make up secure passwords for you.
Gnu Privacy Guard (GPG)
Gnu Privacy Guard is best known for helping to secure email messages. It can integrate with Outlook and other email clients allowing you to securely sign messages so the recipient can prove that the message come from you and was not changed after the message was signed. It is a free and open-source implementation of the OpenPGP (Open Pretty Good Privacy) standard as captured in the IETF RFC-4880. Ok, I know that was gobbledygook for most of you, suffice it to say it has creds. If you are a Windows user, you will want to get GPG4Win from https://www.gpg4win.org but for other platforms use https://gnupg.org/download/ . GPG is very good at what it does, but let me warn you, understanding the tools used to protect your privacy and security can be very difficult. Even if you never install the software, reading the manuals will be an education.
Sometimes all we want to do is protect a single file from prying eyes. We don’t want to know about public and private keys, digital signatures, and asymmetric encryption. AESCrypt is one of the solutions that does a single thing; it takes a password and encrypts the file using that password. The new encrypted file gets .aes added to the end of the filename. To decrypt the file, provide the password and a new unencrypted (or plaintext) file will be created without the .aes at the end of the filename. The program is free and open source and can be found for most platforms at https://www.aescrypt.com.
To be fair, I do not use AESCrypt because I have been using 7-Zip for a very long time. 7-Zip is a free and open-source file compressor used to make collections of files shrink in size. It is similar to the well-known WinZip program. Both 7-Zip and WinZip allow files added to the zip file (archive) to be encrypted. Both programs support AES 256 encryption. When you add a file to the archive you will be asked for the optional password. If you provide the password, the file will be encrypted as it is added, and the password will be required to recover the file. 7-Zip is available for most platforms, and several other compression programs also support the same encryption mechanisms and formats. Both AESCrypt and 7-Zip allow me to securely send an encrypted file as an email attachment and then share the password with the receiving party over the phone or through a different, separate means allowing them to access the underlying document. You can download 7-Zip from https://www.7-zip.org.
So, I have dutifully encrypted my financial, tax, and health data to secure my files, but now I need to get rid of the originals. If I simply delete the file, it is still there in the recycle bin. Even if I empty the recycle bin or I use shift-del to delete the file without recycling it is still there, and anyone with the right tools can recover the data. How do I get rid of the original file? I use a file shredder or in this case BleachBit. BleachBit removes the file from your hard drive permanently shredding it as it goes. In this case shredding includes overwriting the directory information and writing new random or zero data over every block in the file. This effectively prevents the original data from being recoverable making it safe. BleachBit can be found at https://www.bleachbit.org/.
VeraCrypt is also an encryption tool but unlike the others, which are used to encrypt individual files, VeraCrypt is used to encrypt an entire disk. This makes it popular to encrypt external hard drives and USB drives so information on them can’t be used if they are lost or stolen. It can also be used to encrypt your entire boot drive so if your laptop is stolen the information on it can’t be recovered without the password. VeraCrypt can be found at https://www.veracrypt.fr/en/Home.html.
I wish all of my readers’ happy and safe holidays. Remember that it’s about what you give more than what you get. Happy New Year, hopefully it will be better than the old one.