6 encryption tools that will secure your data

Image courtesy of jeff_golden at Flickr.com

Encryption is defined as the conversion of electronic data, Plaintext, into ciphertext, encrypted text. This type of text can be hard to understand by a person that is not authorized to do so. Encryption main purpose is to help in the protection of your confidential electronic data which can be found in your laptop, personal computer, or the digital information sent through Internet and other networks. Even though the use of encryption is not new for humans, the advancements about it are greater every day. These advancements are generated by the increment of security problems on the transferring of digital data. That’s why companies related to these issues have worked for many years to develop strategies against safety gaps. In this list, you will find encryption tools that were created to help you in the difficult task of protecting your valuable digital data from the online threats out there.

BitLocker

This full disk encryption software has been developed by Microsoft and it has been set up in almost every Windows operating system. BitLocker works with AES (Advanced Encryption Standard) which is a military grade encryption that most of the security companies use. The easiness of this encryption tool is that you can use it effortlessly, and you can already find it in your Windows operating system. When you encrypt your hard disk with BitLocker, it will block any data breaches or exfiltration from it. If someone steals your laptop, it would be impossible for them to access your files.

7Zip

If you dislike the idea of encrypting the whole hard disk, 7Zip is the right tool for you. 7Zip is a simple but powerful encryption tool (AES - 256) that can support you with ciphering only the data you need to. It works with a 7z archive format, but other archive formats can be also read and written. This encryption tool has a great compression format, and it can extract nearly all file formats. 7Zip is suitable for almost all Windows versions, and you can find it in about 87 languages.

AxCrypt

This encryption software has been around for 15 years, making one of the most popular tools to encrypt data around the world. You can use this software to protect important data from your computer system. AxCrypt encrypts a file during a definite extent of time, and it will be decrypted automatically after it arrives safely to its destination. This tool is simple and fast which makes easier to encipher a complete folder or a group of files. In addition, AxCrypt provides safety against cyber criminal attacks and their extensive cracking methods. It can be installed on different Windows operating systems.

Image courtesy of Linux Screenshots at Flickr.com

VeraCrypt

Tools from VeraCrypt strengthen the security of the system algorithms and its encrypted partitions so it becomes immune to advanced cyber attacks. You can download it freely for Windows, Linux and MacOSX operating systems. If you have files with the obsolete TrueCrypt too, the version 1.0f of VeraCrypt can import TrueCrypt files and it can convert containers and system partitions from a TrueCrypt format to a VeraCrypt one. This encryption tool is been continually improved and its updates increases its security. 

Tor Browser

This tool has been created to allow anonymity and protection while accessing the network. Its software bounces your communications over a worldwide distributed network of relays that are carried out by volunteers. The Tor Browser can be operated by anyone who wishes online privacy and wants to keep prying eyes out of the picture during browsing activity. With this tool, you can also avoid sharing your location to the web sites you visit, and makes almost impossible to trace back to you your instant messages and other communicative activities. The Tor Browser can be used on Windows, Mac OS X, or Linux, and it can be run off from a USB flash drive, so it is not necessary to install any software.

Virtual Private Network – VPN

Virtual Private Network (VPN) makes use of encryption to offer secure access to a remote computer across the internet. VPN is a private network that establishes an encrypted channel capable of protecting your communication from interference attacks. This is another alternative to be online in complete privacy, especially if you need to work remotely and operate private company networks. For instance, VPN is very useful when you want to transfer confidential data or you need to run highly important operations online. Besides, Don Burns recommends using VPN if you connect from unsafe public networks, so you can encrypt your private information and protect your web traffic.

Read more about encrypt and secure communications in this older post “How to encrypt communications”

Silent Circle, the company that turns your privacy into a business

Image courtesy of Maurizio Pesce at Flickr.com

There is no more to it. Privacy and security in communications has to be included within the public and private security plans of organizations and individuals. Silent Circle is a company founded from the need for a new form of digital privacy. It was created in 2011 when Mike Janke, former member of the US Navy; and Phil Zimmerman, creator of PGP (Pretty Good Privacy), met with the idea of developing a new, safer version of Skype.

From this they summoned the other co-founders: Jon Callas, creator of Apple's encryption software, and Vincent Moscaritolo to found the company, in 2014, with the launch of the first phone designed to protect the privacy and digital safety of users. Its name: the BlackPhone.

To reinforce their commitment to the privacy of information, in 2014 they moved their headquarters to Geneva (Switzerland) since this is considered one of the countries with a stronger legislation to protect the privacy of information and, therefore, its customers’.

After four years of operation in Europe and the US, the company committed to emerging markets, targeting Mexico and the rest of Latin America. This is a region that has all elements at play when it comes to security, but there is still work to be done regarding the awareness of risks that exist and how much of the users contributions play a part in being at risk.

Privacy and security in communications must be included within the security plan of organizations and individuals. This initial phase should provoke a cultural and organizational change. Prevention is always the best tool when it comes to crises. The lack of privacy and security can bring financial and reputational losses to both organisations and individuals.

Silent Circle wants to work for the privacy of Latin American markets and their people. They will focus in carrying their message to CEOs or CTOs, as well as the whole society by talking about the risks that exist today in mobile environments. And at the operational level, within organizations, for them to understand the current severity of implementing these policies.

Over the past few years, losses have been reported due to leakages or theft of information equivalent to more than 156 billion dollars. But we should keep in mind that this risk is for companies, organizations and the end consumer. It's not about restricting, but raising awareness and giving people the right tools for them to have a professional and personal balance without losing connectivity or sacrificing functionality.

Image courtesy of Jon Callas at Flickr.com

In this scenario, Silent Circle offers the first platform designed for the privacy of individuals, which is composed of their mobile device, the BlackPhone 2 and the software Silent OS, and the Silent Phone, along with services that add value such as the Silent Manager. The purpose of each of the components of this platform is to provide private and secure communications to the users.

Silent OS the operating system which is exclusive to the BlackPhone 2. It is based on Android but it's designed to address the current concerns about the privacy and safety of users. This means there won't be any leakages of information. The operating system gives users control of their personal, work and family privacy without sacrificing their lifestyles.

Blackphone 2 is the device that provides extra levels of security, such as the Security Center to give absolute control over the personal information that apps request on the mobile device.

The potential markets

The company got to Mexico with an aggressive plan. Seeking to consolidate in that country and then opening to other markets in order to meet the needs of digital privacy and security of the region, it includes staffing and business partners that allows them to develop and effectively execute their operations, which in turn directly affects job creation.

Thanks to their portfolio, the company works hand in hand with the constant needs of private entities, government or whoever handles sensitive information in a more frequent way that has an impact on their organizations. In addition, at the moment, they believe they have an offer and a solution that penetrates different niches and contemplates the growing need for privacy and security of communications and the information in society. This allows them to position themselves in the various Latin American markets and consumer preferences.

How will the BlackPhone be marketed?

The company started operations in its first phase with just one mobile carrier, but it will subsequently do it with the rest of the carriers. The phone is intended for all users, not just businesses, as it provides all the functionality of the best smartphones in the industry and it adds an important piece of privacy and information security and communications. This gives them a very broad spectrum of consumers and they are not limiting functionality or connectivity to their daily lives, but they protect them through the Silent OS and their communications platform, Silent Phone, at the highest level, both information management and communications.

Here are the tools Snowden used to encrypt his communications

Image courtesy of danjo paluska at Flickr.com

1. Tor

Formerly known as "The Onion Network", Tor is a free software to enable online anonymity. Tor redirects Internet traffic through a global network of volunteers consisting of more than three thousand relays that hide the activity or location of the user to anyone who is performing network surveillance or traffic analysis.

When Edward Snowden decided to take all the information he could and leak it to the media to publicly denounce atrocities against individuality and the right to private information, he focused on using his knowledge about encryption to make communications impossible to track or filter to his superiors or even other governments.

Snowden used a series of tools that anyone can access, which says a lot about security available to anyone.

We now see the importance of an open source project that is poorly funded. In the same way that projects like OpenSSL should have been supported, these are some projects that should also be funded:

2. Tails

Tails is certainly one of the tools that people who handle sensitive information should definitely use. It is a Linux distribution based on Debian Live and whose focus is security and anonymity.

Unlike other operating systems, Tails is designed to be used from a USB and so it never leaves any traces of usage in the memories of the computers you use to log in. It is the great strength of Tails, you do not need to have a PC, any PC that you find with a USB port and the option of booting from a USB drive, you can use it to have your own secure communications environment.

Tails uses Tor to anonymize your Internet connection, but not just web browsing: all communications are routed using this network, blocking any application that attempts to connect using a network other than Tor.

You can download Tails from the project’s site and install it on any USB drive.

3. Tor + Tor Browser

As we mentioned before, Tails is always connected through the Tor network. Tor Browser is the solution for those who want to surf the web without leaving any trace. First, because it is connected using a P2P network of Tor users anonymously and safely. Second, because the browser does not store any data, preventing passwords to be saved in the browser’s memory.

Tor is an anonymous and secure network, which is used both for good and for bad things. We know of famous sites like Silk Road that have given a bad name to this network, but it is clear that like any other tool, you can use it with good or bad intentions.

4. GPG and PGP

PGP stands for Pretty Good Privacy and it’s an application created by Phil Zimmermann, which allows to encrypt contents based on public key cryptography. This means that, in order to read an email encrypted with PGP, the sender has to have a key to encrypt and the recipient must have another key to decrypt the message.

PGP has proven to be quite safe to share information via email. It is the system that Snowden used to communicate with Laura Poitras and journalist Glenn Greenwald of The Guardian.

PGP is quite easy to use in your communications. If you use Gmail, Yahoo Mail, or Outlook.com, you can use Mailvelope. For Windows users there is a plugin for Outlook 2010 and 2013 along with Gpg4win. Yahoo already encrypts the content of your messages even between servers.

5. Lavabit

Lavabit was the secure email service used by Snowden. Created and maintained by Ladar Levison, he decided to shut down the service and the company in August of 2013 due to the pressure of the US government. US Congress laws made Lavabit unable to share what was happening while they became accomplices in crimes against the United States.

Snowden used an email address with a lavabit.com domain to communicate with the media while in the Moscow airport. Nevertheless, the service was forced to close due to pressure by the US government.

Lavabit offered a webmail service with a focus on safety. They used advanced cryptographic methods to encrypt communications and emails in order to make them impossible to break into. In mid-2013, Lavabit had over 400,000 users with free and paid services, depending on the required storage space.

Today we can find many email services focusing on security, such as Hushmail or Resistemail.

6. Other tools

Image courtesy of Simon Waldherr at Flickr.com

All you have to do is search for a while to find many solutions that claim to be secure and encrypted for all types of communications. There are complete operating systems, email management solutions, mail encryption and secure web navigation. But there are many other services that can be used to ensure private communications.

Especially when it comes to instant ​​messaging, it is easy to find solutions with encryption. In the area of ​​mobile messaging, there are dozens of applications that claim to be safe. WhatsApp recently became one of those safe options, since they started implementing end-to-end encryption. BlackBerry Messenger is another safe alternative to hold encrypted, multiplatform conversations.

Encryption Software at the Heart of Apple’s Battle with Government

A San Bernardino couple launched a deadly attack at a government rehabilitation center on December 2, 2015 that resulted in 14 deaths and more than 21 injuries. Aside from the firearms used, the cell phones of the suspects were the subject of intense law enforcement scrutiny. In order to determine a motive, investigators sifted through shipping records; interviewed co-workers, neighbors, and family; and even combed the suspects’ social media posts.

To date, federal investigators have been unable to get their hands on any information contained in the smartphone of suspect Syed Rizwan Farook due to Apple’s refusal to allow access to the server. The FBI issued a warrant for the data contained in Farook’s phone, but received a flat-out refusal from Apple. Apple cites privacy concerns that go beyond individual users and asserts that accessing data cannot be accomplished without potentially compromising the data security of millions of iPhone users.

How Apple Approaches User Privacy

In addition to the built-in encryption software, Apple has gone to great lengths to increase privacy from the user’s end. There is a two-step verification process that requires users to enter their Apple ID credentials for functions like making purchases, making account changes, or setting up a new device. In the event that an iPhone is lost or stolen, a user can access their iCloud account from another device and remotely lock the device to prevent information from being accessed. Remote Wipe allows users to completely erase data from the iPhone should it end up in the wrong hands.

Apple uses what are called tokens to transmit and store encrypted data on its iPhones. Tokens store information on the phone itself and on Apple’s servers, as well as in the cloud (Apple’s proprietary cloud software is called iCloud). The data is subject to high-level encryption that obscures credit cards stored in Apple Pay and passwords stored in Apple’s Keychain and emails, just to name a few.

These privacy features are so secure that Apple asserts that it cannot directly access the information stored on a user’s iPhone. While this eases fears of prying eyes accessing sensitive information, it presents a huge problem when law enforcement has a legitimate need to access phone data during an investigation.

Apple’s Encryption Software

Apple devices have been praised for their high level of security and the encryption in its devices. Although no device is 100% safe from unauthorized data access, Apple has gone to great lengths to protect user information. In fact, Apple’s encryption software is at the heart of the conflict with the FBI.

As details began to emerge about the San Bernardino shooters, officials attempted to access the data in Farook’s iPhone but thanks to encryption software it proved impossible. Apple’s software ensured that the phone’s data would be permanently erased after several unsuccessful password attempts. Once the FBI was made aware of how the data encryption software functions, it was compelled to request the data from Apple directly.

Apple CEO Tim Cook insists that the encryption software is so secure that the company itself cannot even access the information. Cook stated that in order to access data from any user’s phone, the code for the company’s encryption software would have to be completely rewritten. This would not only be a major undertaking for Apple, but it would essentially open the door to every iPhone owner’s personal information.

While this is certainly not the first time that Apple has been ordered by a court to unlock an iPhone, it is one of the first instances since the company rolled out the iOS 8 update in 2014. The update included encryption software that cannot be accessed by a third party or Apple. Previous iOS versions could be accessed in certain circumstances, especially when law enforcement requested the information. The update came on the heels of widely publicized iPhone data leaks – some of which involved celebrity photos – so Apple had a lot at stake and sought to quell criticism of its privacy protection efforts.

Current Issues

Although the company has cooperated with law enforcement in the past, Apple does not make it easy to access information, and each request is reviewed on a case-by-case basis, even if a search warrant is issued. According to the Apple website, “National security-related requests are not considered Device Requests or Account Requests and are reported in a separate category,” which may change the way that Apple handles requests similar to the ones related to the San Bernardino case.

Going forward, it’s uncertain if Apple will find a way to comply with the federal government’s request for information. The FBI is losing patience with Apple and has accused it of sympathizing with terrorists. In 2014, Cook said "[We] have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will."

It appears Apple’s stance has not changed since then. Just last week, Los Angeles Court Magistrate Sheri Pym ordered Apple to allow the federal government access to Farook’s iPhone data. The order asks Apple to supply the federal government with software that would enable it to access data, but so far Apple is holding firm in its stance and has refused.