This isn't true- if someone grabbed the Signal apk from somewhere that's not an Australian site- they're not compromised.
If someone wants to see if they're compromised, they can check good hashes from the provider against the version they have.
C'mon bro, if it was that easy to "tap" encrypted apps, then hash schemes and whatnot wouldn't exist.
They can't get to everything out on the Internet. https://signal.org/blog/reproducible-android/ or even more pointedly... https://signal.org/android/apk/
and so on...
Here's another silly example: Anyone who communicates through PGP- how the hell would they crack that?
You can't tinker with end to end encryption in transit like that, without violating the Safety number in Signal's case - or changing Certificates, for other apps and programs.
-You know, a lot of these were built so they could not be compromised- why do you think that suddenly the Australian Police can outsmart these long-known cryptographic techniques?
You really don't want to do that. You really really don't want to do that. The most important thing to learn is that cryptography is hard, and even the pros get it wrong.
I found this course a good starting place.
Why not use Veracrypt to create (1) an encrypted file container or (2) encrypt an entire USB drive.
With either approach, you will need a copy of VeraCrypt. For approach 1 you can put a PortableVeracrypt on the same USB stick and for approach 2 you would put a PortableVeracrypt on a 2nd USB stick.
You can get PortableVeracrypt by installing the PortableApps platform ( https://portableapps.com/ ) and then installing Veracrypt from that. You can copy the PortableVeracrypt folder to your USB sticks.
You didn't say your OS, but you could use a solution based on encFS, flavors of which are available on Windows, Macs, Linux, and Android. BoxCryptor is probably the biggest name using encFS under the hood, and I believe it works with Amazon Cloud. I have not used BoxCryptor.
encFS will encrypt both filename and file. It works well once it's up and running. I use it to mount an encrypted Dropbox folder as a drive letter in Windows. The drive letter acts like the normal files, but the Dropbox folder looks like it's full of random junk. I can also access those encrypted files through Android once Dropbox has synced (the Android program is called EncDroid).
On my Windows system, I use encFSPlus, but I probably wouldn't recommend that any more as it seems to not be updated. This, however, looks like it might work: http://encfsmp.sourceforge.net/
https://joplinapp.org/ is entirely open source, does exactly what you are looking for and offers integration into various cloud services. I have been using this for several months and highly recommend it to everyone!
You claim they don’t do e2ee and they own the keys. Extraordinary claims require extraordinary evidence. I’ll be waiting right here. Send me the code when you’re done.
In the meantime: https://signal.org/blog/whatsapp-complete/
I used http://www.howtogeek.com/125704/how-to-extract-individual-files-from-a-windows-7-system-image-backup/ and copy/pasted the whole 10GB file over to my new drive and went thru old passwords until I got it opened! Solved...for me anyway.
K-9 Mail works with APG: http://en.flossmanuals.net/k9/encryption-and-security/
> APG is a port of OpenPGP for Android. Use it to encrypt and decrypt files, and in conjunction with K-9 Mail, to seamlessly add support for encrypting and decrypting emails, as well as adding and verifying digital signatures.
I've yet to set it up myself but your post may have just given me the push to do so.
Edit: More helpful. :)
Hmm. Well, while the UI seems friendly enough, this is not in any way secure.
Ignoring momentarily that CPUs can be switched out, things like model numbers and serial numbers have very clear and standardized patterns that are easy to guess, and are beyond trivial for other applications on the same machine.
Ideally, when developing a cryptographic protocol, you make a system which cannot be broken even if you know exactly how the algorithm works. Try looking into the Windows cryptography API which has functions for exactly this purpose. You should also consider setting the file permissions so that only the current users can access the files.
I'm aware all of that is a lot of work; there's a reason for the saying "don't roll your own crypto". If you're interested in crypto, perhaps you could reimplement Keepass which uses a standardized symmetrical encryption to maintain compatibility across operating systems, applications, and versions. This would give you the benefit of working with existing systems which have been tested by cyber security experts.
Good luck to you.
As a stopgap then, I would recommend that you download 7-Zip and use it to compress and encrypt the file. Use archive format 7z, compression level Ultra and encryption method AES-256. A 24-character key using mixed alphanumerics and symbols should give you around 157 bits of key quality. That's enough to protect it from a billion processors, each testing a billion keys a second, until all the stars burn out.
In the long run though, get something like KeePass Password Safe and move all that stuff in there. It gives you easy access to all of it without ever having to store it in cleartext anywhere, and its encryption is rock solid.
Good luck!
I know people use something like this. It was suggested a while back in another sub. Here you are!
Edit: I will suggest veracrypt though, but Cryptomator looks good. Need a little info on their security though.
I disagree with the assertion that this idea is incompatible with end-to-end encryption as a whole, though it still clearly weakens the strength of the system.
This page covering Signal's TextSecure protocol talks about how it implements E2EE with groups. The gist is that the message is encrypted once for each group member, and sent E2EE to their client (oversimplifying a bit; the article I linked talks about how they've improved on that naive approach somewhat).
Now that all said, what the author of your article is suggesting is still effectively a backdoor, as /u/bashdotexe says, that exposes the system to risk. If you make the clients capable of adding a new member to this group conversation without notifying members of the group, then sure, everything's still E2EE, but now your clients are sending messages to the wiretap client as well.
Here's the kicker: if the clients are capable of doing this, and the messaging service provider is capable of complying with a law enforcement request to do so, then a hacker or rogue employee within the company could do it as well. That's a serious problem that undermines the security of the system without directly compromising the E2EE itself.
It is indeed mandating a backdoor, just into the systems surrounding the encryption instead of the encryption itself. It's more or less just a diplomatic approach that lets them say "Oh, we're not touching your encryption" when they're circumventing it.
Is this it? https://apkpure.com/jcryptor-text-encryption/js.jcryptor
You could download that and try side loading it.
From a quick look at the decompiled dex it looks like it's using AES-CBC with a fixed IV of "0123456789ABCDEF" and a key derivation function based on SHA1PRNG. This is a pretty terrible design.
If you can't get the app working, it would be necessary to write a custom program to decrypt the text.
A copy of the Repo has been put up here .. Clean, no exes, just documentation and scripts
https://anonfiles.com/x7I0p8m5p4/widevine-l3-decryptor-main_zip
Is this just for fun? If you want a free/opensource password manager just use https://qvault.io
Otherwise, if you want to build your own, use the user's master password to encrypt each stored password with AES-256-GCM.
It would probably work better with stacked filesystem encryption instead of block device encryption.
AFAIK, LUKS is the only block device encryption that can be resized.
Check out this chart comparing different file encryption methods. Also, here is a chart from the Arch Wiki comparing different encryption methods
I use gocryptfs for OneDrive.
Are you doing this in code? This thread has some interesting answers.
Or are you doing it for personal passwords? If so, I would recommend a tool like LastPass.
Alright, I think I have some answers for you.
Looking at the first link to busy.org in the torrent description, the author mentions VeraCrypt, a popular encryption tool that replaced TrueCrypt.
They made a few other posts on busy.org.
Skimming over their posts yields these passwords:
'Layer_2-container.axx' password:
> 8JYIy&BRIkLi<7mku]nJGRS9YXwXs#udwvCr]MTV02"8@J0c%9ZC/*t7'r&@W
'Preview_Documents.container' password:
> *CZ4=I{YZ456zGecgg9/cCz|zNP5bZ,nCvJqDZKrq@v?O5V$FezCNs26CD;e:%N^
It looks like they haven't received enough donations to release the remaining keys.
You could either use something like PGP, then share public keys between yourself and your recipient. Or you could potentially use something like https://www.mailvelope.com/en , which also uses PGP but integrates it directly into the browser. If you need any help with either of these, just DM me.
I used to think that syncing files was the solution. The best solution I've found is to make backups. Encrypted backups are really useful. There's a tool called restic that can do just that. The first backup will take a long time depending on the amount of data. Other backups after that are pretty fast. The tool is really fast itself but again, it will depend on the amount of data being backed up. I honestly stopped using sync tools after doing this. I use Syncthing for some files but just to sync between my desktop, laptop and server, and there are not a lot. Those files are in my off-site backups. I know restic could seem like a lot for someone not used to working with this kind of solution, but it is really awesome: it uses deduplication, which saves a lot of space, it encrypts the data before uploading and it's really versatile with backends. If you're doing backups in Google Drive, for example, you can just use the rclone backend. It works on Windows, Linux, *BSD, Mac, etc. You can search in the docs and the forum for more info:
Restic: https://restic.net/ Forum: https://forum.restic.net/
You can do form validation in the browser. The bootstrap framework has a section that starts to describe how it works: https://getbootstrap.com/docs/4.0/components/forms/#validation. You can perform basic checks to make sure the password is long enough using custom validation - this is much nicer than the page submitting THEN the user having to enter some of the information again if it doesn’t meet specific requirements. If the user is typing it in, then the browser can access it so it’s not really a security risk so long as you’re not running untrusted JavaScript (things like CORS help mitigate this). Just don’t save anything sensitive in localStorage. As long as the site uses HTTPS, the data will be encrypted from the client to the server then the server can hash the password and store it securely.
1) I believe most cryptanalysts take the view that double encryption is pointless. Either your encryption works or it doesn't. Case in point, if both systems use the same password you've not achieved much, and if they use different passwords how will you remember them both - if you have to write down the passwords to do this you probably do more harm than good.
2) PGP lacks forward secrecy so if you're concerned about future proofing your communications you really should be looking at OTR messaging if possible.
2) Even if you're looking for long-term-archive I still wouldn't worry too much about quantum computers. Even if these were readily available and cheap (ha!) it doesn't (generally) nullify encryption, just makes it easier to crack, but it's still hard.
3) There are no simple answers to key storage. The best advice here is keep it simple. I suggest KeePassX (or encrypted 7zip if you prefer), keep it on a USB stick with a backup USB stick at a friend's house, salt the password with your 1st phone number (or similar) and try your best to internalise the password.
4) The idea is that you have a day-to-day key that you use for communication etc. Should you fear that this is compromised you throw it away and generate a new one from your master key. This only helps with communication, with archive you'd still have to reencrypt everything with the new key and delete the old copies. If you're in a situation where you often need to prove your identity to relatively unknown counter-parties (Think Edward Snowden, Satoshi Nakamoto, leet haxorz) it makes a lot of sense. If you're just looking to encrypt chat with friends then OTR messaging is much easier to manage.
I'd check out Wire. You can sign up with an email address or phone number. Additionally the team has written a blog post on how to stay more anonymous when using the service.
Download GPG4Win, then once that's on your computer you can right click a file and have the option of encrypting it with a password. Always make sure it's complex, I'm sure you already know that though. :)
I just googled "windows resize partition" and this came out. Just resize the partition by a few MB and try.
PS: I cannot advise strongly enough about doing a backup of your data before you do anything with your hard drive.
SSL is a decades-old deprecated protocol, it got renamed to TLS. TLS 1.2 or 1.3 are the current transport security protocols. The renaming can be confusing, eg OpenSSL (a common TLS server & client library) still uses the name SSL despite TLS being the protocol it uses.
TLS encrypts the connection between the client and the server. It doesn't encrypt the data once it has arrived at the server. TLS requires a certificate, these are easily available for free from LetsEncrypt.org. Browsers will show warnings if you don't have TLS and have any user input fields at all.
If you need to store the data from the users such that if someone physically takes your server and walks away with it, then any disk encryption (Linux dm-crypt, Windows Bitlocker, Veracrypt generically, etc) will protect the data.
If you need to store the data encrypted in such a way that someone with access to the server but without access to the database (eg a different user) can't access it, then MySQL Enterprise's Transparent Data Encryption is what you want.
If you need to store the data encrypted in such a way that even you can't access it (eg a backup of user data) then the user will need to encrypt the data before sending it to you, and will need to keep the decryption keys.
If you have a ProtonMail account, you can send encrypted emails to any address but they (a) automatically expire after 28 days and (b) are encrypted with a master password which you need to find another way to get to the recipient.
More information: https://protonmail.com/support/knowledge-base/encrypt-for-outside-users/
If you use Kleopatra for PGP, you can also use the Sign/Encrypt functionality and choose the option "Encrypt with password. Anyone you share the password with can read the data." It's not as secure as PGP, but still as secure as the above or the password encrypted ZIP file method. Once you send the encrypted file, you would need to arrange a separate channel to provide the password.
BTW, in order to get the password to the recipient without directly telling them one approach - though this requires a somewhat technically inclined recipient - is to use Shamir's Secret Sharing Scheme. You can define a password to share and a required number of pieces. For example, you could use 5 blocks of data and require 3. If someone has any 3 unique blocks of data, they can recover the original data which in this case would be the password. The advantage here is you can send the 3 blocks of data across 3 unique channels - for example, with a lawyer, you might email one part of it, call their office with another, and text them a 3rd. Or FB, Twitter, Instagram, fax machine, literally mail them a letter, send a flash drive, rent a safe deposit box and print a QR code with a block then give a copy of the key to the firm, whatever you want. And of course you could make it require more than 3 blocks.
Given all those things you want to learn, I'd strongly suggest the Stanford Crypto I course on Coursera:
https://www.coursera.org/course/crypto
I think there's actually a session running right now, so you're in luck, but I doubt it'll work with your timeline, since it's a six week course with hours of lectures and homework you'll need to do to understand the material properly.
Google is not a free service, it's a data analytics company. Accessing your data is their very business model. They are also in partnership with government and law enforcement. Hence PRISM break.
https://lastpass.com/support.php?cmd=showfaq&id=6926
>LastPass encrypts your Vault before it goes to the server using 256-bit AES encryption. Since the Vault is already encrypted before it leaves your computer and reaches the LastPass server, not even LastPass employees can see your sensitive data
The Russian government has ordered a partial block of ProtonMail, preventing some Russian mail servers from reaching us. We have managed to restore services at this time. More information about the block and our recommendations can be found here: https://protonmail.com/blog/russia-block/
Arguments against a backdoor in encryption:
> (...)
> Now, we sympathise with the authorities’ predicament here: we utterly abhor child abuse, terrorism, fascism and similar - and we did not build Matrix to enable it. However, trying to mitigate abuse with backdoors is, unfortunately, fundamentally flawed.
> - Backdoors necessarily introduce a fatal weak point into encryption for everyone, which then becomes the ultimate high value target for attackers. Anyone who can determine the secret needed to break the encryption will gain full access, and you can be absolutely sure the backdoor key will leak - whether that’s via intrusion, social engineering, brute-force attacks, or accident. And even if you unilaterally trust your current government to be responsible with the keys to the backdoor, is it wise to unilaterally trust their successors? Computer security is only ever a matter of degree, and the only safe way to keep a secret like this safe is for it not to exist in the first place.
> - (...)
> - Governments protect their own data using end-to-end encryption, precisely because they do not want other governments being able to snoop on them. So not only is it hypocritical for governments to argue for backdoors, it immediately puts their own governmental data at risk of being compromised. Moreover, creating infrastructure for backdoors sets an incredibly bad precedent to the rest of the world - where less salubrious governments will inevitably use the same technology to the massive detriment of their citizens’ human rights.
> (...)
> https://matrix.org/blog/2020/10/19/combating-abuse-in-matrix-without-backdoors
Signal, along with other apps and projects, has stated in the past that they would not comply with Australian legislation, both due to a technical inability to do so and due to not supporting this step in general.
So, unless they changed their opinion, they are still using encryption and just waiting to see if the Australians decide to ban them for it.
File based erasure can be done, but is not fail safe. There is a lot of free software that does this.
If you're viewing on a computer where you have admin privileges, you can extract the unencrypted file into a RAM drive, then nothing would be left on disk. I use ImDisk Toolkit to create RAM drives.
Glacier uses a peak retrieval rate with each retrieval request. It's listed on their website in small print:
>† Glacier is designed with the expectation that retrievals are infrequent and unusual, and data will be stored for extended periods of time. You can retrieve up to 5% of your average monthly storage (pro-rated daily) for free each month. If you choose to retrieve more than this amount of data in a month, you are charged a retrieval fee starting at $0.01 per gigabyte. Learn more. In addition, there is a pro-rated charge of $0.03 per gigabyte for items deleted prior to 90 days. Learn more.
A general calculation can be as follows: (Your retrieval request in GB divided by 4) * (720 hours in a month) * 0.01. In my case, I have about 40gb stored at the moment. If I was to request to download it immediately, it would be (40/4 = 10) * (720) * (0.01) = $72
However if I was to download those 40GB in 5GB chunks at a time, it would be (5/4) * (720) * (0.01) = $9.
Therefore, the slower your download requests, the less you end up paying. Requesting a 20gb archive compared to a 1gb archive is a significant difference, which is why you'd want to keep each individual archive small.
More specific calculations and discussion here: https://news.ycombinator.com/item?id=4412886
>Is it worth going through the process to set up encryption for my email?
If you don't want third parties reading your email then yes, of course.
To be able to read your work emails at home would require you to transfer your client S/MIME certificate to your computer. You would probably want to ask about that first to see if that is something that is allowed. There are lots of email clients that support S/MIME. This is a popular one:
Relevant:
>HMAC
Thanks!
Learning more by the second.
We trust the central registry, so using a Public Private Key would work technology wise. In that instance though we still give the Central Registry Publicly Identifiable Information, so we and all agencies would need data sharing agreements. As we're all different types of agencies, with HQs under different laws etc this becomes difficult.
If we could only share non-identifiable information our legal issues would be lessened.
Reading up on KDFs now....
https://qvault.io/2019/12/30/very-basic-intro-to-key-derivation-functions-argon2-scrypt-etc/
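Added example, not part of the original thread: one way the HMAC suggestion could let agencies send a registry only non-identifying tokens. It assumes the agencies share a secret key that the registry does not hold; the `AB0000`-style client IDs and all function names are constructed for the illustration.

```python
"""Keyed pseudonyms (HMAC-SHA256) versus plain hashes for record matching."""
import hashlib
import hmac
import unicodedata


def normalize(identifier: str) -> bytes:
    """Canonical form, so 'AB-0042' and ' ab0042 ' map to the same token."""
    text = unicodedata.normalize("NFKC", identifier).casefold()
    return "".join(ch for ch in text if ch.isalnum()).encode("utf-8")


def token(shared_key: bytes, identifier: str) -> str:
    """Pseudonym an agency sends to the registry instead of the identifier."""
    return hmac.new(shared_key, normalize(identifier), hashlib.sha256).hexdigest()


def plain_hash(identifier: str) -> str:
    """Unkeyed SHA-256, shown only for comparison."""
    return hashlib.sha256(normalize(identifier)).hexdigest()


def registry_overlap(tokens_a, tokens_b):
    """What the registry can compute: which tokens two agencies both hold."""
    return set(tokens_a) & set(tokens_b)


def enumerate_ids(target: str, digest_fn):
    """Walk the small constructed ID space (AB0000..AB9999) looking for target.

    Identifiers are low-entropy, so anyone who can compute digest_fn can
    reverse a digest this way. With HMAC, digest_fn needs the secret key.
    """
    for n in range(10_000):
        candidate = f"AB{n:04d}"
        if digest_fn(candidate) == target:
            return candidate
    return None


if __name__ == "__main__":
    key = b"k" * 32  # constructed key; a real one would be random and secret
    agency_a = [token(key, i) for i in ("AB-0042", "AB-0100")]
    agency_b = [token(key, i) for i in (" ab0042 ", "AB-7777")]
    print("clients in common:", len(registry_overlap(agency_a, agency_b)))
    print("plain hash reversed to:", enumerate_ids(plain_hash("AB-0042"), plain_hash))
    print("HMAC token reversed without key:",
          enumerate_ids(agency_a[0], plain_hash))
```
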
There are a lot of ways to do it, but I would Google PGP for Windows: https://www.gpg4win.org/ There are utilities that can be installed for all operating systems, but they have made one called Kleopatra that is a GUI for key management: https://www.openpgp.org/software/kleopatra/
veracrypt is pretty popular from what I've seen. There is also Ciphershed but that one is currently just starting up so there are only alpha builds.
VeraCrypt has the ability to encrypt an entire drive, although I'm not entirely sure if it allows for the encryption of USB drives, you'll have to figure that one out.
On to your second point, what you're asking for is simply not possible. If you have an encrypted file, that file requires decryption before any changes can be made to it, because it is encrypted. There are applications like Axcrypt that do simplify this process and allow simply double clicking an already encrypted file to be edited, but even then the file is being temporarily decrypted to allow editing to happen.
For full system drive encryption, Linux uses LUKS, you have to choose the option during the install process. You can't use VC to encrypt a Linux OS (but it's fine for non system ones).
As for the comparison with VeraCrypt, in terms of "strength" and security, the LUKS settings are defined by the distribution but most (if not all) use the same defaults as VeraCrypt (AES 256, XTS, PBKDF2 and SHA256). The only difference being that VC uses a fixed iteration count for PBKDF while LUKS adjusts it after a CPU benchmark.
A few things that are good to know about LUKS before starting
There's no GUI for it, you can graphically encrypt drives from a partition / disk manager but maintenance is performed via command line (say, changing or adding new passphrases.)
That also means that while VC prompts you to create a rescue disk, containing a header backup, that's something you'll have to do yourself once you're done installing. Do not skip that part.
You can check the LUKS/Cryptsetup FAQ for guidance, just don't mind some sections that are not up to date (it still mentions the use of SHA1 for instance even though the default has been SHA256 for a while).
And that should be enough for the big picture :)
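Added example, not part of the original comment and not cryptsetup's or VeraCrypt's code: a Python sketch of picking a PBKDF2 iteration count from a CPU benchmark instead of using a fixed one, and of why a header backup matters. The target time, the floor, the fixed count and the toy header layout are assumptions of this illustration.

```python
"""Benchmark-calibrated PBKDF2 iteration count and a toy volume header."""
import hashlib
import hmac
import os
import time

FLOOR_ITERATIONS = 1000     # assumption: never go below this, however slow the CPU
FIXED_ITERATIONS = 500_000  # constructed constant standing in for a fixed-count design


def benchmark_rate(probe_iterations: int = 50_000) -> float:
    """Measure PBKDF2-HMAC-SHA256 iterations per second on this machine."""
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"benchmark", os.urandom(32),
                        probe_iterations, dklen=32)
    elapsed = max(time.perf_counter() - start, 1e-9)
    return probe_iterations / elapsed


def calibrated_iterations(target_ms: int, rate: float = None) -> int:
    """Iterations that take about target_ms here; `rate` can be injected."""
    rate = benchmark_rate() if rate is None else rate
    return max(FLOOR_ITERATIONS, int(rate * target_ms / 1000))


def make_header(passphrase: bytes, target_ms: int = 2000, iterations: int = None):
    """Build a toy header. Salt and iteration count are stored in the clear:
    they are not secret, but without them the passphrase alone cannot
    reproduce the key, which is why the header needs its own backup."""
    salt = os.urandom(32)
    count = iterations if iterations is not None else calibrated_iterations(target_ms)
    key = hashlib.pbkdf2_hmac("sha256", passphrase, salt, count, dklen=32)
    return {
        "salt": salt,
        "iterations": count,
        # Simplification: a digest of the derived key serves as passphrase check.
        "key_digest": hashlib.sha256(key).digest(),
    }


def unlock(header, passphrase: bytes):
    """Re-derive the key with the stored parameters; None if it does not match."""
    key = hashlib.pbkdf2_hmac("sha256", passphrase, header["salt"],
                              header["iterations"], dklen=32)
    matches = hmac.compare_digest(hashlib.sha256(key).digest(),
                                  header["key_digest"])
    return key if matches else None


if __name__ == "__main__":
    rate = benchmark_rate()
    print(f"measured rate: {rate:,.0f} iterations/s")
    print("calibrated count for 2000 ms:", calibrated_iterations(2000, rate))
    print(f"fixed count costs about {FIXED_ITERATIONS / rate * 1000:.0f} ms here")
    header = make_header(b"constructed passphrase", target_ms=200)
    print("unlock with passphrase:", unlock(header, b"constructed passphrase") is not None)
    damaged = dict(header, salt=os.urandom(32))  # header overwritten, no backup
    print("unlock after header damage:", unlock(damaged, b"constructed passphrase") is not None)
```
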
This FAQ seems to address your question:
https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions
2.5 Can I encrypt an already existing, non-empty partition to use LUKS?
There is no converter, and it is not really needed. The way to do this is to make a backup of the device in question, securely wipe the device (as LUKS device initialization does not clear away old data), do a luksFormat, optionally overwrite the encrypted device, create a new filesystem and restore your backup on the now encrypted device. Also refer to sections "Security Aspects" and "Backup and Data Recovery". For backup, plain GNU tar works well and backs up anything likely to be in a filesystem.
A messaging app? Some suggestions here. Otherwise key distribution can be an awkward problem.
https://nordvpn.com/blog/most-secure-messaging-app/
Oh yes, it's a little tough to find, sorry about that ... https://truecrypt.ch/downloads/
Make sure that the one and only TrueCrypt that you use is 7.1a. That's the one that was audited and that's the one that's stumped the FBI multiple times. BTW, you mentioned crossplatform and as much as I love LUKS, TrueCrypt is the only cross-platform (Windows/Mac/Linux) full encryption program that I know of.
For me the best encryption system for drives is TrueCrypt, you can download it using Torrent, just click on the name or here. Never trust bitlocker, may have a backdoor. TC is for windows, mac and linux and is your best choice, most don't use it because it's not user friendly, but if you want to be secure there are few choices. (I tested on your OS it works like a charm)
Btw there is a manual when you install truecrypt, this software can encrypt your drives with your files on it, and you can configure Hot Keys for decrypt your drive using your pass, and encrypt again. Example: Configure ctrl+alt+m to mount your drive ( using a pass) and ctrl+alt+e to automatically dismount it.
just use gpg, yubikey supports it. the commandline isn't bad, and the docs from yubico seem good. there are gpg gui frontends as well
Had the same issue, but it worked perfectly after reinstalling and re-registering on the service - try that first. There is Threema, which is good, but mostly closed-source. Maybe you wanna check out the list on Prism-Break: https://prism-break.org/en/categories/android/#instant-messaging AFAIK Signal isn't on this list because it's centralized. Conversations is pretty neat.
KeePass is an encrypted password database that you can use to organize credentials. You can certainly put it (along with the installer) on a USB key and put it in a safe - provided she knows and will remember the master password.
The KeePass approach (locked in a safe) makes it a little hard to keep things up to date as you add/change credentials so if you want something that is still secure and don't mind foregoing the physical safe you could check out LastPass. It runs in your browser and will automatically offer to remember any password you use. It can also automatically generate random passwords for new accounts you create on various websites. It also has storage options for non-browser-based accounts as well. You can share a LastPass account or use separate ones and "share" certain credentials...
KeePass isn't cloud-based. It simply never stores anything as plaintext, but encrypts it (using AES-256 by default) before writing it to disk. That makes it extremely safe for use in conjunction with cloud-based storage services like Dropbox or Google Drive.
If you want to keep it updated you're far better off with something like KeePass Password Safe. Just enter each CC into a record just like a login credential, along with whatever notes you'd like to add, and update it just as you would a login credential. You can even store the file on a cloud drive, and access it from a compatible smartphone app. Trust me, after you get everything into an app like KeePass you'll wonder how you got along without it.
Wow! I had no idea PGP was a company! I was just referring to the openpgp tool that gpg uses.
I have a hard time believing that any amount of force from the US government would be enough to pressure the open source community into building backdoors into openpgp and gpg. Any backdoors would simply be rejected.
Since the PGP technology is open source and out of anyone’s control, the first companies to take the blow are gonna be the ones that provide easy encryption like protonmail, tutanota, and hushmail. Since these technologies run very in-the-background, they’ll be able to build in backdoors (maybe adding a government controlled PGP key to all emails) without a fuss.
My question is about when users take encryption into their own hands. I personally use mailvelope to encrypt my emails. Mailvelope is open source and wouldn’t get away with building in a backdoor, so nobody has any control over my encryption but me. Since I’m sending encrypted emails over fastmail (lets say I’m misbehaving), would fastmail take the fall for providing me the means to send my encrypted messages?
This will be interesting to see what happens. Maybe the government will punish me for using encryption. Maybe the government will punish fastmail for allowing me to use encryption, which will cause them to terminate my account or detect and block emails with encryption.
THEN, I can use steganography to hide my messages! That will give me plausible deniability since it’s undetectable!
Long story short: I love computers, I hate the government, don’t tell me what to do, and the EARN IT bill is stupid.
Note I said "all data on the iPhone".
Data sent anywhere else, like iCloud Backup, is no longer on the iPhone.
If law enforcement subpoenas are within your threat model, don't use iCloud Backup, and instead back your device up to iTunes (or, better yet, iMazing) and use a strong password (or, better yet, passphrase) to encrypt the backup. In fact, this option allows more sensitive information to be backed up, such as Google Authenticator and Health data.
Then absolutely nobody will get your data unless they have your passcode or backup passphrase. You can also enable long passcodes, including alphanumeric, if you'd like.
You should test both - download and use, almost no set up time. Theoretically I think VC would be faster since cryptomator uses a local webdav protocol while VC is more direct...but someone more expert than me would need to confirm this. In my real world experience, you won't notice a difference on a local drive.
The difference is really noticeable if your data is "in the cloud" as Cryptomator just syncs changed files, while your whole VC container (possibly GBs in size) would be re-synched after the smallest single file change. An exception is if you use the Dropbox client which syncs only changed parts of a large file, not the whole file.
Veracrypt is definitely a good solution. Another possibility is to use a common file system (NTFS, FAT32...) and then use Cryptomator on your computers/phones to encrypt and decrypt files.
First, this is not safe! As long as your connection isn't encrypted using TLS, an attacker can modify the page and ask the user to input the password and upload the encrypted information to their own server.
I know a project that already exists and may give you inspiration.
The following program actually works well enough for small things like password databases and stuff. It might have been made as a joke by the author but it still seems to work:
> (...)
> The first thing any private messenger needs is end-to-end encryption, AKA E2EE — this is the non-negotiable starting point for any app claiming to be a private messenger. End-to-end encryption means your messages are encrypted the entire time they’re in transit, so even if someone manages to intercept your messages, they still won’t be able to read them. Only you and the person you’re messaging have the encryption key necessary to read any given message.
> But not all E2EE is created equal. Some methods of encryption are more hardy than others, so it’s important to check out what kind of encryption your messenger is using. You also need to consider who is handling and storing your messages. If the company running the messaging app is storing your messages (and the messages aren’t encrypted well enough), the company may be able to decrypt them. And depending on where and how the messages are being stored, law enforcement agencies or other third parties could even force a company to expose your messages.
> To protect against this, some messengers avoid storing messages in one place, or program messages to expire after a while.
> In addition, some messengers may be private, but not anonymous. A private messenger will generally hide the contents of a message you send, but not hide the fact that you sent it. An anonymous messenger hides all the information about the conversation, not just the contents of your messages. And a messenger isn’t anonymous if you need to tie your name, email, or phone number to your account. This connects your digital account with your real-world identity — forever.
> Staying completely anonymous means nobody can trace your conversations back to you.
> (...)
> That's cool, but the messages that are sent are what I want to protect when using a messenger: do they have a general key to decrypt? We don't know. Do they give access to law enforcement when asked? We don't know.
Actually, no they don't, and you can prove it yourself:
https://threema.ch/validation/
Further, since they don't collect anything which is personally identifiable unless you choose to link your email address and/or phone number to your account (without which Threema is completely anonymous), there is nothing linking you to your messages.
> Should I go on?
No thanks.
As you can see on this Reddit Post, Apple does collect quite a bit of data on users.
You can make some mitigations by using Signal Messenger, Lockdown to block trackers or ProtonVPN, Jumbo to help set your accounts' privacy settings, and use Proton Mail. iCloud is not end-to-end encrypted so it's not a privacy-wise option. And the EU has better privacy laws for their citizens than the U.S. does.
Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications https://www.amazon.com/gp/product/1907117040/ref=oh_aui_detailpage_o00_s00?ie=UTF8&psc=1
The Code Book is good. It is less about encryption implementation though. It goes through the history of cryptography and encryption from ancient times to modern day, and explains the concepts behind them. Very interesting and would highly recommend.
Edit: Added link to book.
I recommend you check out the book Disappearing Cryptography. It goes in depth about steganography, watermarking and such stuff. Fully on topic with what you're talking about.
http://www.amazon.com/Disappearing-Cryptography-Third-Edition-Steganography/dp/0123744792
Yep, the BIOS password is set on the motherboard software, as you've called it. It's the screen you access by hitting F12 or Del or whatever at bootup, before the OS starts. They vary in their password features, but there should be at least one to set a "system" password. You'll also need to configure it to boot from a USB drive before the internal drives.
Secure USB: http://www.amazon.com/Apricorn-Validated-256-bit-Encrypted-ASK-256-4GB/dp/B00741U31E/
So the idea is that you unlock & insert the USB stick, power on the machine, enter the system password, it boots from the stick, then the bootloader either contains a keyfile or prompts to unlock the hard drives via another password.
Lots of overhead actually, but each layer secures against a different threat.