(Nearly) Useless OPSEC Measure: Route Variation

The practice of varying your routes between home and work is sometimes touted as an OPSEC measure.  This is sometimes advocated by law enforcement or military organizations as a measure their members should take, and in some instances it may actually be a good idea. I began to think seriously about this, however, when I read a few articles that explicity or implicitly seemed to recommended the practice to average citizens in the prepping or “tactical lifestyle” communities. Continue reading “(Nearly) Useless OPSEC Measure: Route Variation”

VeraCrypt Hidden Volumes

Another feature of VeraCrypt that may offer some utility for some users is called “hidden” volumes. VeraCrypt hidden volumes allow you to create encrypted file containers that are truly cryptographically hidden…with some very big caveats. Today I will discuss these more fully, and you can decide if they are an important aspect of your digital security plan. Continue reading “VeraCrypt Hidden Volumes”

VeraCrypt Keyfiles as TFA

This week will get into some advanced features of VeraCrypt. These features are where VeraCrypt really starts to stand head and shoulders above other encryption options. One such feature, and one that I rarely hear mentioned, is the ability to use keyfiles. I think much of this is due to a lack of understanding as to exactly what keyfiles are to begin with. But they offer a pretty incredibly capability. Without them, your VeraCrypt volumes are protected only with a password. But using the VeraCrypt keyfiles feature allows you to require a second authentication factor – the keyfile. Let’s look at how this works. Continue reading “VeraCrypt Keyfiles as TFA”

Windows GPG File Encryption

Several months ago I wrote a series on DIY email encryption. One of the steps in this process was installing Gnu Privacy Guard (GPG). This is the free, open-source program that actually manages the cryptographic functions of encrypting your emails. Fortunately, if you have GPG installed, you also have a powerful tool for encrypting files locally. Windows GPG file encryption is really simple to use and provides really strong protection for your data-at-rest. Continue reading “Windows GPG File Encryption”

Mac GPG File Encryption

Several months ago I wrote a series on DIY email encryption. One of the steps in this process was installing Gnu Privacy Guard (GPG). This is the free, open-source program that actually manages the cryptographic functions of encrypting your emails. Fortunately, if you have GPG installed, you also have a powerful tool for encrypting files locally. Mac GPG file encryption is really simple to use and provides really strong protection for your data-at-rest. Continue reading “Mac GPG File Encryption”

Microsoft PowerPoint File Encryption (Mac)

Microsoft PowerPoint file encryption allows you to quickly and easily secure PowerPoint presentations. Though early versions of Office’s file encryption were notoriously weak, newer versions are much stronger. Microsoft Office 2007-2010 offers AES-128 encryption using the SHA-1 algorithm, while Office 2013 uses AES-128 and SHA-512. The use of SHA-512 is a major upgrade over SHA-1 in preventing brute-force attacks against passwords. Continue reading “Microsoft PowerPoint File Encryption (Mac)”

Microsoft Excel File Encryption (Mac)

Microsoft Excel file encryption allows you to quickly and easily secure PowerPoint presentations. Though early versions of Office’s file encryption were notoriously weak, newer versions are much stronger. Microsoft Office 2007-2010 offers AES-128 encryption using the SHA-1 algorithm, while Office 2013 uses AES-128 and SHA-512. The use of SHA-512 is a major upgrade over SHA-1 in preventing brute-force attacks against passwords. Continue reading “Microsoft Excel File Encryption (Mac)”

Microsoft Word File Encryption (Mac)

Microsoft Word file encryption allows you to quickly and easily secure Word documents. Though early versions of Office’s file encryption were notoriously weak, newer versions are much stronger. Microsoft Office 2007-2010 offers AES-128 encryption using the SHA-1 algorithm, while Office 2013 uses AES-128 and SHA-512. The use of SHA-512 is a major upgrade over SHA-1 in preventing brute-force attacks against passwords. Unfortunately the password cap for Microsoft Word file encryption is 14 characters. This tutorial uses Microsoft Office 2016 running on macOS El Capitan. Continue reading “Microsoft Word File Encryption (Mac)”

Microsoft Office File Encryption (Windows)

Microsoft Word file encryption allows you to quickly and easily secure Word documents. Though early versions of Office’s file encryption were notoriously weak, newer versions are much stronger. Microsoft Office 2007-2010 offers AES-128 encryption using the SHA-1 algorithm, while Office 2013 and newer uses AES-128 and SHA-512. The use of SHA-512 is a major upgrade over SHA-1 in preventing brute-force attacks against passwords. Continue reading “Microsoft Office File Encryption (Windows)”

7-Zip File Encryption

Though typically considered a compression program that allows you to “zip” files into a much smaller .zip file, 7-Zip also offers the ability to encrypt individual files. 7-Zip file encryption uses AES-256, and the program is free and open source.  In addition to encrypting the files, also offers the ability to encrypt the filenames.  This is a very important feature as filenames can reveal information about the contents of the files themselves, making 7-Zip a great tool for use when uploading to the cloud or anywhere else the files may be visible to a third-party. 7-Zip is free, and is officially supported for Windows and Linux. Continue reading “7-Zip File Encryption”