Encryption All The Way

Since the time Edward Snowden leaked classified information, the focus has been on how governments across the world use surveillance to keep tap on digital activities. Lately, I have been reading about it, and have come to the conclusion that there is no way around it, but precautions can be taken if one is worried about his/her digital privacy.

Encryption in software/hardware largely boils down to the developers, if they wish, they can strongly encrypt the communication/data. For example, WhatsApp has partnered with Open Whisper Systems to provide end-to-end encryption.

There is a very good reason to trust this partnership as TextSecure, the technology which WhatsApp uses to encrypt messages, is open, and it allows anyone to go through the code to understand what exactly has been implemented, and whether that matches up to the expectation of tech community at large.

On the other hand, if you seen encryption tool like BitLocker provided by Microsoft to premium Windows version for free, isn’t open. That sends out a strong message of whether to really rely on such software when encrypting the laptop or desktop running Windows. Ubuntu does somewhat better job at this, but Apple again has this close system FileVault, which again raises concern.

If you are really worried about privacy, and want to make sure that the system you are using is secured, then you may want to consider following, which I have summarized after reading few blogs at The Intercept:

  1. Websites: Make sure the website you visit has a valid SSL. It is very simple to check, just look for the green icon on left of the website domain of the website after the page has been loaded, if it’s green, you are good to go. In case the SSL isn’t valid, then it will through up warning message even before the page loads. For those website which never used SSL, visitor should either opt out of the website or try avoiding data transfer task like creating account, submitting private information etc.
  2. Apps: It’s difficult to provide third party encryption directly to desktop or mobile apps. For desktop, you may want to move to web based alternative for the application you are using, this may sound tricky, but at least with web encryption you may feel safe about your data. If you make use of messenger a lot, then why not opt for TextSecure, and there are many other alternative you can consider for secure voice/data communication, all provided by Open Whisper Systems. For Apple devices, you have Signal.
  3. Hardware: Try encrypting your laptop/desktop/smartphones/tablets. Android has this support. For Windows you will have to make use of third party or BitLocker. Apple provides FileVault. This won’t fully ensure privacy/encryption, but gives you some sense of responsibility.

If you follow above three suggestions, then you can securely encrypt your hardware device you use to send out the messages/data or to do the voice communication. In turn, 99% of your daily activity will be encrypted.

These are just few suggestions that I have tried to summarize, at the end when using any tech products to communicate or to store your data, it all boils down to the trust factor between the service provider, and the seeker. In this digital world, having basic encryption understanding is surely handy.

Hi, I'm Chetan Arvind Patil, I write this blog