April 22, 2014:
Heartbleed, ROM Scrapers, and NSA spying are making people nervous.


Industrial Espionage

Many hackers working for foreign governments may use man-in-the-middle, social engineering, phishing, and data theft to get engineering specs, research, and other knowledge that may have cost millions of dollars to produce.

File & Directory Encryption

Use Privacy and Security Tools to Ensure Confidentiality

Two of the top file encryption tools are GNU Privacy Guard and PGP.

GNU Privacy Guard is free, open source file encryption software that is seen as the alternative to the PGP suite of cryptographic software. It is compliant with the RFC 4880 standard and is a component of the Free Software Foundation’s agenda. It has funding from the government of Germany, and its initial release, known as GnuPG, was developed by Werner Koch. Some security vulnerabilities were found in 2003 related to digitally signing email messages on the OpenPGP standard.

PGP disk encryption is currently in the news because it is at the center of a case (United States vs. Boucher) where the government is unable to crack the PGP (Pretty Good Privacy) encrypted files of a defendant who allegedly brought illicit files back from Canada. At the time of this writing, the case is still in court, but one ruling (on appeal by the prosecution) indicates that giving up your PGP key is a violation of your right against self-incrimination. Commentary in the privacy community indicates that either the government is unable to crack PGP encryption, or does not choose to do so in this case, but it has still served as an endorsement for the PGP platform.

PGP has also been newsworthy (and gotten publicity) for being listed as a “munition” by the US government, and its designer Phil Zimmermann was the target of an investigation for exporting the software. The regulations were challenged when Zimmermann published the source code in a hardback book, which tested the idea that the code was a munition. Newer versions include PGP 3 and OpenPGP, and many of the developers have formed a company called PGP Corporation, which owns many of the assets related to the software. Aside from file and database encryption, PGP also handles digital signatures, email, laptop encryption, file and folder security, and even IM encryption.



Notes and Special Information

Special note: Encryption standards need to be continually updated because of more powerful decryption methods, including the use of supercomputers to break previously unbreakable codes. Whatever information you are keeping confidential, you may want to consider how you would be judged if it became public knowledge. There are many legitimate uses for encryption, including patient confidentiality, business privacy requirements, and your right to be secure in your own effects and papers. Ethical file encryption means you are protecting the secrets of your clients, so ensure that you use keys that are not easy to crack.