Complete Privacy & Security Podcast E003

Complete Privacy & Security Podcast Episode 003 – All Aboard the Privacy Train

Our third episode of The Complete Privacy & Security Podcast is now available. In this episode, we discuss the VeraCrypt audit and interview a married couple about properly proposing privacy changes to a reluctant significant other.

Show Notes:

VeraCrypt Audit Results: https://ostif.org/the-veracrypt-audit-results/

Audit AMA (Reddit): https://www.reddit.com/r/privacy/comments/57yfla/veracrypt_has_been_audited_here_are_the_results/

(Nearly) Useless OPSEC Measure: Route Variation

The practice of varying your routes between home and work is sometimes touted as an OPSEC measure.  This is sometimes advocated by law enforcement or military organizations as a measure their members should take, and in some instances it may actually be a good idea. I began to think seriously about this, however, when I read a few articles that explicity or implicitly seemed to recommended the practice to average citizens in the prepping or “tactical lifestyle” communities. Continue reading “(Nearly) Useless OPSEC Measure: Route Variation”

VeraCrypt Hidden Volumes

Another feature of VeraCrypt that may offer some utility for some users is called “hidden” volumes. VeraCrypt hidden volumes allow you to create encrypted file containers that are truly cryptographically hidden…with some very big caveats. Today I will discuss these more fully, and you can decide if they are an important aspect of your digital security plan. Continue reading “VeraCrypt Hidden Volumes”

VeraCrypt Keyfiles as TFA

This week will get into some advanced features of VeraCrypt. These features are where VeraCrypt really starts to stand head and shoulders above other encryption options. One such feature, and one that I rarely hear mentioned, is the ability to use keyfiles. I think much of this is due to a lack of understanding as to exactly what keyfiles are to begin with. But they offer a pretty incredibly capability. Without them, your VeraCrypt volumes are protected only with a password. But using the VeraCrypt keyfiles feature allows you to require a second authentication factor – the keyfile. Let’s look at how this works. Continue reading “VeraCrypt Keyfiles as TFA”

Coinbase Review – Bitcoin Simplified I

Some of you have asked about using Bitcoin. Bitcoin has some amazing privacy advantages, but the process can be intimdating. Additionally, using Bitcoin requires giving up your bank account information which can be a scary prospect. Coinbase is an online Bitcoin wallet that makes using Bitcoin easy and intuitive. In Part I of this Coinbase review I am going to talk about the security of the service. Hopefully this will allay some of your fears about using Bitcoin. The next part will talk about actually using Bitcoin. Continue reading “Coinbase Review – Bitcoin Simplified I”

Windows GPG File Encryption

Several months ago I wrote a series on DIY email encryption. One of the steps in this process was installing Gnu Privacy Guard (GPG). This is the free, open-source program that actually manages the cryptographic functions of encrypting your emails. Fortunately, if you have GPG installed, you also have a powerful tool for encrypting files locally. Windows GPG file encryption is really simple to use and provides really strong protection for your data-at-rest. Continue reading “Windows GPG File Encryption”

Mac GPG File Encryption

Several months ago I wrote a series on DIY email encryption. One of the steps in this process was installing Gnu Privacy Guard (GPG). This is the free, open-source program that actually manages the cryptographic functions of encrypting your emails. Fortunately, if you have GPG installed, you also have a powerful tool for encrypting files locally. Mac GPG file encryption is really simple to use and provides really strong protection for your data-at-rest. Continue reading “Mac GPG File Encryption”

Microsoft PowerPoint File Encryption (Mac)

Microsoft PowerPoint file encryption allows you to quickly and easily secure PowerPoint presentations. Though early versions of Office’s file encryption were notoriously weak, newer versions are much stronger. Microsoft Office 2007-2010 offers AES-128 encryption using the SHA-1 algorithm, while Office 2013 uses AES-128 and SHA-512. The use of SHA-512 is a major upgrade over SHA-1 in preventing brute-force attacks against passwords. Continue reading “Microsoft PowerPoint File Encryption (Mac)”

Microsoft Excel File Encryption (Mac)

Microsoft Excel file encryption allows you to quickly and easily secure PowerPoint presentations. Though early versions of Office’s file encryption were notoriously weak, newer versions are much stronger. Microsoft Office 2007-2010 offers AES-128 encryption using the SHA-1 algorithm, while Office 2013 uses AES-128 and SHA-512. The use of SHA-512 is a major upgrade over SHA-1 in preventing brute-force attacks against passwords. Continue reading “Microsoft Excel File Encryption (Mac)”

Microsoft Word File Encryption (Mac)

Microsoft Word file encryption allows you to quickly and easily secure Word documents. Though early versions of Office’s file encryption were notoriously weak, newer versions are much stronger. Microsoft Office 2007-2010 offers AES-128 encryption using the SHA-1 algorithm, while Office 2013 uses AES-128 and SHA-512. The use of SHA-512 is a major upgrade over SHA-1 in preventing brute-force attacks against passwords. Unfortunately the password cap for Microsoft Word file encryption is 14 characters. This tutorial uses Microsoft Office 2016 running on macOS El Capitan. Continue reading “Microsoft Word File Encryption (Mac)”