26 votes

What are the best practices regarding personal files and encryption?

Over the past year I have done a lot to shore up my digital privacy and security. One of the last tasks I have to tackle is locking down the many personal files I have on my computer that have potentially compromising information in them (e.g. bank statements). Right now they are simply sitting on my hard drive, unencrypted. Theft of my device or a breach in access through the network would allow a frightening level of access to many of my records.

As such, what are my options for keeping certain files behind an encryption "shield"? Also, what are the potential tradeoffs for doing so? In researching the topic online I've read plenty of horror stories about people losing archives or whole drives due to encryption-related errors/mistakes. How can I protect against this scenario? Losing the files would be almost as bad as having them compromised!

I'm running Linux, but I'm far from tech-savvy, so I would either need a solution to be straightforward or I'd have to learn a lot to make sense of a more complicated solution. I'm willing to learn mainly because it's not an option for me to continue with my current, insecure setup. I do use a cloud-based password manager that allows for uploading of files, and I trust it enough with my passwords that I would trust it with my files, though I would like to avoid that situation if possible.

With all this in mind, what's a good solution for me to protect my personal files?

11 comments

  1. [6]
    Comment deleted by author
    1. elfox

      Yeah, I agree. If you want to go simple just do full disk encryption. Since you have Linux you can just encrypt your /home too.

      I know you didn't really ask about redundancy, but in that area it just depends how important your stuff is to you. For my personal stuff I usually have just one step past a single point of failure. And honestly, I still have quite a few single points of failure. Anything super important I push off site onto a cloud resource. But that is very few items, and most of the time that's because I want easy access to them or I am sharing them.

      8 votes
    2. [4]
      kfwyre

      This is a great rundown, thank you. I do have lots of questions though, if you have the patience for them. I don't have great background knowledge of the topic, so some of this is me simply trying to get my mind around some of the probably obvious, big picture stuff.

      Full-disk encryption

      Is this the kind of thing I could roll out now in my current distribution, or would I have to do a reinstall? Does the potential slowdown impact gaming? Do I have a greater risk of losing the whole drive?

      Encrypted backups

      Currently I have SpiderOak keeping my backups in the cloud (which are encrypted). If I were to encrypt my hard drive, what does a recovery scenario look like? Download encrypted files from SO, then decrypt again on my local machine? Furthermore, if I'm in a recovery scenario and I need only a few specific files, how would I find and decrypt those if they were encrypted using full-disk encryption? Would I have to have the entire disk image to decrypt? Would I have to dump everything and then sift through them unencrypted?

      I don't know if that question makes sense, so I guess what I'm getting at is this: if I encrypt my disk and then look at it without the encryption, would I still see the same directory structure and number of files in each folder but just with encrypted names and filetypes, or would it just be a large unrecognizable single chunk of data?

      Sync between machines

      I already use Syncthing to sync files between two different computers and my phone. If I enable encryption on one, wouldn't that cause Syncthing to sync encrypted versions that would be useless on the other devices? Can it even selectively sync certain files if full-disk encryption is enabled? Is there a way to set up concurrent encryption on all endpoints of Syncthing (including Windows/Android) so that the files remain usable outside of my main Linux machine?

      Password manager

      I'm currently using Bitwarden, and convenience is king for me right now. I've looked into other, more secure non-cloud options, but they all have much more of a learning curve. While I would eventually like to shore up my technical knowledge to make me comfortable with one of those alternates, for now I'm okay with what I've got. After all, it was far better than the password reuse system I had in place before.

      7 votes
      1. [4]
        Comment deleted by author
        1. [3]
          kfwyre
          (edited)

          Wow, thank you for taking the time to write that out and explain it so well. That was genuinely helpful and gave me some much needed perspective that I was missing.

          I had no idea the encryption would be effectively transparent to me and my programs while my computer is in use. This was exactly the kind of solution I was looking for, especially because it is compatible with the other systems I have in place (e.g. Syncthing and SpiderOak).

          A final question about implementation:

          Can a system using LUKS read unencrypted drives? I'm assuming yes, but I don't want to make a fatal mistake here. Currently my machine has most of my data on a large external hard drive, and I have a second hard drive of the same size acting as an on-site backup. If I were to wipe and reinstall, would I simply wipe one of the drives, enable encryption on it, and then move my files into that encrypted drive from the unencrypted one?

          EDIT: It is going to be a while before I am able to fully wipe my Linux installation given some of the stuff going on in my life at the moment. In lieu of full-disc encryption, is there a way I can simply encrypt a single directory? Is a password-protected archive good enough?

          8 votes
          1. [3]
            Comment deleted by author
            1. [2]
              kfwyre

              If your first comment was the assignment, then the second was some one-on-one tutoring. This last one is an enrichment activity that pushes higher-level learning. Across all three you've given me a mini-class in encryption! I've got a lot to digest and learn. It's time for me to do some homework.

              Also, I don't know if you see yourself this way, but to me you're a modern day wizard.

              5 votes
              1. UntouchedWagons

                Just a note, it is technically possible to convert your existing install to one that uses LUKS but it'd be a bit fiddly. I've been experimenting with trying to convert a partition-based Fedora install to one that uses LVM; so far I've been unsuccessful.

                1 vote
  2. Diff
    (edited)

    Lots of distros will ask in the installer if you want your home directory encrypted. Elementary OS did, works flawlessly. Totally forgot I had encryption enabled til I tried to pull a file out of it from a LiveCD. Still managed to do it, but without Elementary automatically handling it all, it was a slight pain to run all the little decryption utils myself. Just had to read the docs, but I had to read the docs.

    But yeah that kind of automated home directory encryption is pretty great.

    I hear KDE has some encrypted folder integration into its shell recently, too. I think they're calling it "Vault"? Maybe check that out if you're a KDE kinda guy. Looked pretty NEAT from their demo video.

    5 votes
  3. [3]
    Nitta

    I'd think about the balance between security and accessibility. It's like asking yourself a question: would I rather forget the password than have someone else capture the data, or is it more important to have free access even at the cost of someone else gaining it?

    These two principles are kinda the opposite. The more you encrypt and password protect, the more likely it is to accidentally lose the backup or archive by forgetting passwords over time. I'm even curious if it's a real thing or just my anecdotal observations.

    3 votes
    1. Hubi

      I agree that there needs to be a balance between usability and security. A simple solution would be to use a password manager - that way you'd only have to remember one tough combination to access all your stored keys. Or maybe just write it on a piece of paper.

      I'd encourage everyone to use encryption for personal files, there is really no downside to it.

    2. kfwyre

      I think my hesitation came from my own misconceptions about the "face" of encryption and how I would have to interact with it. I was picturing it being this big, impenetrable vault that I could never really see inside. I thought I would be dumping stuff into a black box, hoping it's safe, and hoping that I can get it out eventually if needed.

      Knowing now that I can operate inside the encryption is a game-changer, as I can still do everything I need to and be protected at the same time. Given what I've learned the question is no longer to choose between encryption or convenience, but instead to choose how long I'm willing to go without encryption, since wiping and reinstalling is going to be a somewhat laborious task for me.

  4. SleepyGary

    In addition to what is being said here, enable Multi-factor authentication whenever possible.

    If you have a password manager, even a cloud-based one like LastPass, if you have MFA enabled then all is not lost if someone gains access, because they would also need your phone or desktop app, which hopefully you've password protected with a password different than your password manager master password.

    Do not let applications and sites remember your password or even remember device for X days so you can avoid entering the MFA code, have it ask every time, at least for sensitive content like your email or financial logins.

    1 vote
  5. nic

    If you have a mac, using an encrypted disc image lets you sandbox files nicely, just back it up as always.

  6. Comment removed by site admin