A very interesting and somewhat disturbing article, here.
Jun. 22nd, 2009
…And by you I mean all of you, so please at least take the time to read and think about this. Don’t worry if there are a few technical bits thrown in here and there; the message should be quite clear.
I have been putting off securing my data for much longer than I really should have. I am not, by nature, a paranoid person, and when it comes to high-powered encryption solutions, I agree with Randall Munroe of xkcd. I don’t need 4096-bit encryption, I am not going to worry about forensic analysis…I do not live in Iran. Someone said, and I agree, that
Altogether, encryption of /home and /tmp prevents someone from accessing your private data by just using a Live-CD with your computer.
I consider something secure when the effort to bypass or break it exceeds the benefit you get from breaking it.
But I do care enough that I want my data encrypted, and you should too—especially if any of the following applies to you:
- You use a laptop. A user account password prevents somebody from just logging in as you, and is of course a must-have, but account passwords won’t help you at all if your laptop gets stolen: anyone with a rescue or install disk can boot the machine and read every file on it.
- You use your browser, mail client, etc., to save your typed-in passwords or logged-in sessions.
- You use only a small set of passwords, so that having one password compromised impacts you in many places. Actually, if you do, read this and start using SuperGenPass.
As it happens, all of the above apply to me, and I know the risks full well, so it’s hard to justify the fact that I have gone so long without encrypting my data. In all honesty, it’s sheer laziness. At least I am catching up now…
The biggest danger is that if you have a laptop and it gets stolen, somebody could use a combination of saved passwords and password reset mechanisms—after all, they have access to your email account!—to break into virtually any service you have electronic access to. This is not just about somebody reading your private letters (bad enough); this is about somebody able to use any electronic service you can use, possibly with the exception of your bank if their security model is good. Of course, this applies to desktop computers as well, in case of burglaries, but I consider the likelihood of a break-in to be much lower than the risk of somebody grabbing my laptop off a café table while I have my back turned, or somebody stealing my backpack, laptop and all.
I will reiterate something Jeff Atwood said, because it’s important:
Number one with a bullet: your email account is a de-facto master password for your online identity. Most -- if not all -- of your online accounts are secured through your email. Remember all those "forgot password" and "forgot account" links? Guess where they ultimately resolve to? If someone controls your email account, they have nearly unlimited access to every online identity you own across every website you visit.
If you're anything like me, your email is a treasure trove of highly sensitive financial and personal information. Consider all the email notifications you get in today's highly interconnected web world. It's like a one-stop-shop for comprehensive and systematic identity theft.
I’m not here to tell you how to encrypt your data, because I don’t know how to do it in Windows and I don’t know how to do it on a Mac. (I’m told, in the latter case, that it is easy.) I am here to tell you that you should encrypt your data! And if you choose not to, be aware of the risks.
One thing should be added: If you encrypt your data, backups are critical. Of course, backups are always important; I would hate to lose years of work, correspondence, important data, tax files, and so on, due to a hard drive failure—or, say, an apartment fire that destroys both my computers, which is quite bad enough without data loss on top of it.
But with encryption, it’s even more important. If a regular, unencrypted file system gets damaged (software error, crappy old hard drive, …), your OS can probably cope with this and recover pretty much everything you care about, because the on-disk format is well known and understood. Encryption throws a $5 wrench into the works here, by making the on-disk format extremely obscure: That’s the whole point, after all. This means that if your encrypted file system gets damaged, there’s a significantly higher risk that all your data become unreadable. (For example, if you use Linux/LUKS, like I do, and the metadata section containing the master key gets damaged, the partition is lost.)
I didn’t think twice about this, because I have a reasonably solid backup strategy in place (everything I care enough about is synchronised with a remote server). If you want to encrypt your data but don’t have a backup solution in place, though, you should come up with one first.
If you’re using Linux, you should set up encryption when you install it. (Well, you should do this regardless of your OS, but this is a Linux-centric section.) With Ubuntu, it seems extremely easy, but I wasn’t thinking about it when I got my new laptop (I was too excited about a new toy, and having a laptop I could actually use), so I had to convert to an encrypted system after the fact.
Most importantly, I am encrypting my /home partition, where all my data reside, using LUKS (referring to this guide). I consider this by far the most important part—it’s where all my data reside, all my cached passwords could be stolen, all my email is backed up. It was not at all difficult—the only problematic part is that I needed to move the data aside in order to encrypt the partition (I don’t know of a way to encrypt it in place). For this reason, I have yet to do this on my desktop computer: I have no partition large enough to hold all the data!
I also encrypted my /tmp and swap partitions, where temporary data are kept, because cached passwords, sessions, etc., could potentially be retrieved from thence (here, I used this guide). Because they are (or can be) cleared on reboot, I opted for the recommended solution of using /dev/urandom as the key file: The password is randomly generated on boot, different every time, and thus pretty damned secure. I am told I should also encrypt /var/tmp, which is a bit trickier, because I don’t want to have to type in two LUKS keywords on boot. How important is it to encrypt /var/tmp? I gather KDE caches data there, but I do not use KDE. I suppose I may generate a keyfile and store it on the encrypted /home partition, or hell, even symlink it to a /home/cryptovar directory—on rare occasions when /home is not available, I don’t imagine I’ll care much about missing /var/tmp! Thoughts?
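As an added example (not code from the original post or from the guides it links to), the shell below writes out the /etc/crypttab lines for the layout described above, a LUKS /home unlocked with a passphrase plus /tmp and swap keyed from /dev/urandom, and checks the one mistake that matters with random keys: a mapping keyed from /dev/urandom can never be reopened after a reboot, so it is only correct for devices that are recreated every boot. It also wraps the header backup that addresses the earlier point about a damaged LUKS metadata section. Device paths such as /dev/sda2 and the mapping names are assumed placeholders, not the author’s real partitions.

```shell
#!/bin/sh
# Added example, not code from the original post. Builds and sanity-checks
# /etc/crypttab entries for: LUKS /home (passphrase), and /tmp and swap keyed
# from /dev/urandom. Device paths below are assumed placeholders.

# Emit one crypttab line: <mapped name> <source device> <key file> <options>
crypttab_line() {
    printf '%s %s %s %s\n' "$1" "$2" "$3" "$4"
}

# Return 0 if the line is safe, 1 if it keys a persistent device from
# /dev/urandom. With a random key the contents are gone after a reboot, so
# the Debian/Ubuntu crypttab options "swap" (run mkswap each boot) or "tmp"
# (make a fresh filesystem each boot) must be present.
check_random_key() {
    set -- $1                      # split the line into its four fields
    keyfile=$3
    options=$4
    if [ "$keyfile" != "/dev/urandom" ]; then
        return 0                   # persistent key (passphrase or key file): fine
    fi
    case ",$options," in
        *,swap,*|*,tmp,*|*,tmp=*) return 0 ;;
        *) return 1 ;;
    esac
}

# The full fragment for the layout described in the post (placeholder devices).
build_crypttab() {
    crypttab_line crypthome /dev/sda3 none luks
    crypttab_line cryptswap /dev/sda2 /dev/urandom swap,cipher=aes-xts-plain64,size=256
    crypttab_line crypttmp  /dev/sda4 /dev/urandom tmp,cipher=aes-xts-plain64,size=256
}

# Check every line of a fragment on stdin; fail on the first unsafe one.
check_crypttab() {
    while read -r line; do
        check_random_key "$line" || return 1
    done
}

# The metadata the post warns about is the LUKS header (key slots included).
# Back it up once /home is set up and keep the copy off the laptop; the backup
# is still protected by the same passphrase.
backup_luks_header() {
    # $1 = LUKS device, $2 = destination file
    cryptsetup luksHeaderBackup "$1" --header-backup-file "$2"
}

build_crypttab | check_crypttab && echo "crypttab fragment OK"
```

The random-key entries use plain dm-crypt rather than LUKS (there is no header to store a random key in), which is why only the /home entry needs the header backup; the swap entry also needs the `swap` option so the kernel gets a fresh signature each boot instead of refusing the device.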