Thought-provoking discussion on encryption trade-offs. The balance between security through encryption and practical usability remains a fundamental challenge in cybersecurity implementation.
I haven’t “upgraded” my old iMac yet and in the light of this doubt I will. The issue is, of course, the trade off between security and convenience, which I thought Apple had learned with the iPhone; fewer people will complain and less loudly if, having lost or destroyed their phone or had it stolen, Apple can restore all their photos. People see losing access to their bank account as their own problem, but losing the photos of their family because Apple automatically encrypted an iCloud backup? That’s Apple’s fault.
The answer, at least as I see it, is don’t risk total loss of everything by deep encryption that may bite you later. Focus on protecting just the few things that (1) thieves may be interested in; and (2) matter to you. Your savings account? Access from a desktop in your house and nowhere else. Use a strong password and two factor identification, preferably biometric and not your mobile phone. The “old fashioned way” of your bank calling your landline and dictating a four digit time limited one time code is surprisingly robust.
I’m of the view that my life is sufficiently mundane that there’s very little anyone could expose that would be worse than transient embarrassment. I think that’s the test on whether to use deep encryption. Only one caveat: if you have a professional obligation to protect client information, cover yourself by doing so.
A crucial point is that almost all cybersecurity advice starts from a corporate perspective. When a Ministry of Defence civil servant loses a laptop with lists of military personnel or a banking executive a laptop with details of financial deals, it is open season for criticism of failures of encryption, etc. But the recommendations based on such fears spill over into online advice for everyone.
To worsen matters, corporations then try to impose their standards and expectations on anyone who has anything to do with them. This isn't real security but an attempt to slough off responsibility by transferring it to people and organisations less able to manage it. On one occasion I had great difficulties with BT which wanted to impose all kinds of security requirements on me relating to the management of what was, in fact, publicly available data. In the end I had to tell them that they had to live with what I was willing to do or I would walk away. They caved - but their lawyers hated it - because there was no-one else who could do what they needed (at least in reasonable time and at reasonable cost).
As for your last sentence, the key issue is discipline. In both the BT case and the example that you give it is/was perfectly possible to set up encrypted virtual drives which contain all of the files for specific projects or work which requires protection. Cybersecurity advisers and lawyers are not used to that approach. They focus entirely on protecting hardware rather than data. Done properly this is an example of hidden in plain sight.
One advantage that macOS has, and that I could but haven’t used, is the ability to create disk image files (.dmg). You can relatively easily create an encrypted “disk” which is really just a big file but that, like a physical storage device, can be mounted within your home directory (say somewhere in your Documents folder). That “disk” can be encrypted and the folders below its mount point be used to store confidential information. Don’t automount the encrypted image; that requires putting its password in the macOS keychain, which is no safer than your login password. Oh, and remember to shut down your laptop, not just close the lid. Letting it sleep or hibernate doesn’t unmount disks.
Yes, all correct. It was possible to do more or less the same thing on Windows using an open source software package called Veracrypt to create encrypted virtual drives that could be mounted as Windows drives. The problem, as always, is that the stricter you are about encryption the more complicated things become if you lose the password or whatever. So people have to store the password(s) and that becomes the weak point.
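The encrypted disk image workflow described in the two comments above (create an encrypted image, mount it under your home directory without handing the passphrase to the keychain, and make sure it is detached before the machine sleeps), as an added example that is not part of the original thread. It drives Apple's `hdiutil` from a POSIX shell. The image path, volume name, size and mount point are illustrative, and the `HDIUTIL` variable is an assumption of this example so the commands can be previewed with `HDIUTIL=echo` on a machine that has no `hdiutil`:

```shell
#!/bin/sh
# Added example (not from the original thread): a per-project encrypted
# sparse bundle managed with hdiutil. HDIUTIL is an assumption of this
# script; set it to "echo" to preview the commands without touching a disk.
HDIUTIL="${HDIUTIL:-hdiutil}"

# Create an AES-256 encrypted sparse bundle (grows on demand, so the size
# is a ceiling, not an allocation). -stdinpass reads the passphrase from
# stdin: it never appears on the command line (ps, shell history) and the
# GUI prompt that offers "Remember password in my keychain" is never shown.
# NB: hdiutil takes the whole of stdin as the passphrase, so feed it with
# printf '%s' and no trailing newline.
create_encrypted_image() {
    # $1 image path, $2 volume name, $3 size (e.g. 2g); passphrase on stdin
    "$HDIUTIL" create -type SPARSEBUNDLE -fs APFS \
        -encryption AES-256 -stdinpass \
        -size "$3" -volname "$2" "$1"
}

# Mount the image at a directory under your home rather than /Volumes.
# -nobrowse keeps it out of the Finder sidebar ("hidden in plain sight");
# -stdinpass again avoids the keychain dialog.
mount_image() {
    # $1 image path, $2 mount point; passphrase on stdin
    "$HDIUTIL" attach -stdinpass -nobrowse -mountpoint "$2" "$1"
}

# Sleep and hibernate do not detach images; detach explicitly before
# closing the lid (or shut down).
unmount_image() {
    # $1 mount point
    "$HDIUTIL" detach "$1"
}

# Exit 0 if hdiutil still lists the mount point as attached.
is_attached() {
    # $1 mount point
    "$HDIUTIL" info | grep -Fq -- "$1"
}

# Discipline helper: mount, run one command against the volume, and always
# detach afterwards, even if the command fails or the shell is interrupted.
with_confidential_volume() {
    # $1 image path, $2 mount point, passphrase on stdin, then the command
    img=$1; mp=$2; shift 2
    mount_image "$img" "$mp" || return 1
    trap 'unmount_image "$mp"' EXIT
    "$@"
    status=$?
    unmount_image "$mp"
    trap - EXIT
    return $status
}

# Example session (hypothetical paths):
#   printf '%s' "$PASS" | create_encrypted_image ~/Documents/Projects/acme.sparsebundle Acme 2g
#   printf '%s' "$PASS" | with_confidential_volume ~/Documents/Projects/acme.sparsebundle \
#       ~/Documents/Acme sh -c 'cp ~/Downloads/contract.pdf ~/Documents/Acme/'
#   is_attached ~/Documents/Acme && echo "still mounted: detach before sleeping"
```

Leaving the image unmounted by default is the whole point: nothing reads the passphrase except the one `hdiutil attach` you run by hand, so there is no stored credential for a thief with the login password to recover. VeraCrypt's command-line mode (`veracrypt --text`) has equivalent create, mount and dismount operations for the Windows/Linux case mentioned above, and the same two rules apply there: no saved passphrase, and dismount before the machine sleeps.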
Cybersecurity practice suffers from the mentality that the only thing which needs protection is their stuff, which may be fine if you are the MoD but is not realistic in most companies or for most people.
You can buy special Password record books from amazon one of which has the words "Password Book" in large friendly letters on the cover. They also have an "Easy password logbook for seniors" a must-have for people like me.
On a slightly different but related subject. Years ago when we were still using floppy disks a company I worked for instituted a system for protecting us from computer viruses which were just becoming prevalent. They had a special computer set up which would scan any floppy disk for viruses. There was a rule that any floppy disk brought into the office had to be scanned on that computer. Sensible, I suppose. But the thing was, once you had scanned the disk you had to stick a coloured sticker on the disk to show that it had been scanned. I can see the thinking behind it but it always seemed a bit weird to me as if that sticker gave the disk permanent protection against viruses.
There is/was a more recent variant of that pre-scanning approach. USB drives are the modern equivalent of floppy disks. There have been so many episodes when security breaches have been linked to USB drives that the most cautious organisations won't allow anything to be attached to any secure device. Underlying all of this is the basic issue that data and other files have to be transferred between computers if they are to be useful. All forms of data transfer are vulnerable to subversion. There is no way of avoiding the race between those who want to protect sensitive material and those who wish to compromise it.