This article is from the source 'nytimes' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.nytimes.com/2016/11/17/technology/personaltech/encryption-privacy.html
The article has changed 7 times. There is an RSS feed of changes available.
| Version 0 | Version 1 |
|---|---|
| Protecting Your Digital Life in 7 Easy Steps | Protecting Your Digital Life in 7 Easy Steps |
| (1 day later) | |
| There are more reasons than ever to understand how to protect your personal information. | There are more reasons than ever to understand how to protect your personal information. |
| Major hacks seem ever more frequent. Investigators believe that a set of top-secret National Security Agency hacking tools were offered to online bidders this summer. | Major hacks seem ever more frequent. Investigators believe that a set of top-secret National Security Agency hacking tools were offered to online bidders this summer. |
| And many of those worried about expanded government surveillance by the N.S.A. and other agencies have taken steps to secure their communications. | And many of those worried about expanded government surveillance by the N.S.A. and other agencies have taken steps to secure their communications. |
| In a recent Medium post, Quincy Larson, the founder of Free Code Camp, an open-source community for learning to code, detailed the reasons it might be useful for people to make their personal data more difficult for attackers to access. | In a recent Medium post, Quincy Larson, the founder of Free Code Camp, an open-source community for learning to code, detailed the reasons it might be useful for people to make their personal data more difficult for attackers to access. |
| “When I use the term ‘attacker’ I mean anyone trying to access your data whom you haven’t given express permission to,” he wrote. “Whether it’s a hacker, a corporation, or even a government.” | “When I use the term ‘attacker’ I mean anyone trying to access your data whom you haven’t given express permission to,” he wrote. “Whether it’s a hacker, a corporation, or even a government.” |
| In an interview, Mr. Larson walked us through some of the basic steps he recommended. We added a few of our own, based on additional interviews. | In an interview, Mr. Larson walked us through some of the basic steps he recommended. We added a few of our own, based on additional interviews. |
| We encourage you to write back with feedback on this article. If the instructions are too vague, the apps aren’t working for you or you have additional questions, we want to hear about it. Send an email to smarterliving@nytimes.com. | We encourage you to write back with feedback on this article. If the instructions are too vague, the apps aren’t working for you or you have additional questions, we want to hear about it. Send an email to smarterliving@nytimes.com. |
| Now, let’s encrypt. | Now, let’s encrypt. |
| Encryption is a fancy computer-person word for scrambling your data until no one can understand what it says without a key. But encrypting is more complex than just switching a couple of letters around. | Encryption is a fancy computer-person word for scrambling your data until no one can understand what it says without a key. But encrypting is more complex than just switching a couple of letters around. |
| Mr. Larson said that by some estimates, with the default encryption scheme that Apple uses, “you’d have to have a supercomputer crunching day and night for years to be able to unlock a single computer.” | Mr. Larson said that by some estimates, with the default encryption scheme that Apple uses, “you’d have to have a supercomputer crunching day and night for years to be able to unlock a single computer.” |
| He said that the best way to destroy data was not to delete it, because it could potentially be resurrected from a hard drive, but to encode it in “a secure form of cryptography.” | He said that the best way to destroy data was not to delete it, because it could potentially be resurrected from a hard drive, but to encode it in “a secure form of cryptography.” |
| Signal is one of the most popular apps for those who want to protect their text messaging. It is free and extremely easy to use. And unlike Apple’s iMessage, which is also encrypted, the code it uses to operate is open-source. | Signal is one of the most popular apps for those who want to protect their text messaging. It is free and extremely easy to use. And unlike Apple’s iMessage, which is also encrypted, the code it uses to operate is open-source. |
| “You can be sure by looking at the code that they’re not doing anything weird with your data,” Mr. Larson said. | “You can be sure by looking at the code that they’re not doing anything weird with your data,” Mr. Larson said. |
| “In general, the idea behind the app is to make privacy and communication as simple as possible,” said Moxie Marlinspike, the founder of Open Whisper Systems, the organization that developed Signal. | “In general, the idea behind the app is to make privacy and communication as simple as possible,” said Moxie Marlinspike, the founder of Open Whisper Systems, the organization that developed Signal. |
| That means that the app allows you to use emojis, send pictures and enter group texts. | That means that the app allows you to use emojis, send pictures and enter group texts. |
| One bit of friction: You do have to persuade your friends to join the service too, if you want to text them. The app makes that easy to do. | One bit of friction: You do have to persuade your friends to join the service too, if you want to text them. The app makes that easy to do. |
| WhatsApp, the popular chat tool, uses Signal’s software to encrypt its messaging. And in Facebook Messenger and Google’s texting app Allo, you can turn on an option that encrypts your messages. | WhatsApp, the popular chat tool, uses Signal’s software to encrypt its messaging. And in Facebook Messenger and Google’s texting app Allo, you can turn on an option that encrypts your messages. |
| Here’s how to do that on Facebook. Here’s how to do it on Allo. | Here’s how to do that on Facebook. Here’s how to do it on Allo. |
| Mr. Marlinspike said that the presidential election had sparked a lot of interested in Signal, leading to a “substantial increase in users.” | Mr. Marlinspike said that the presidential election had sparked a lot of interested in Signal, leading to a “substantial increase in users.” |
| When asked to speculate why that was, Mr. Marlinspike simply said, “Donald Trump is about to be in control of the most powerful, invasive and least accountable surveillance apparatus in the world.” | When asked to speculate why that was, Mr. Marlinspike simply said, “Donald Trump is about to be in control of the most powerful, invasive and least accountable surveillance apparatus in the world.” |
| To download Signal, click here for iOS, or here for Android. | To download Signal, click here for iOS, or here for Android. |
| Your phone may be the device that lives in your pocket, but Mr. Larson described the computer as the real gold mine for personal information. | Your phone may be the device that lives in your pocket, but Mr. Larson described the computer as the real gold mine for personal information. |
| Even if your data were password protected, someone who gained access to your computer “would have access to all your files if they were unencrypted.” | Even if your data were password protected, someone who gained access to your computer “would have access to all your files if they were unencrypted.” |
| Luckily, both Apple and Windows offer means of automatic encryption that simply need to be turned on. | Luckily, both Apple and Windows offer means of automatic encryption that simply need to be turned on. |
| Here’s the link to do that for Apple computers. Here’s the one for Windows computers. | Here’s the link to do that for Apple computers. Here’s the one for Windows computers. |
| You know this by now. Changing your passwords frequently is one of the simplest things you can do to protect yourself from digital invasion. | You know this by now. Changing your passwords frequently is one of the simplest things you can do to protect yourself from digital invasion. |
| But making up new combinations all the time is a hassle. | But making up new combinations all the time is a hassle. |
| Mr. Larson recommends password managers, which help store many passwords, with one master password. He said that he uses LastPass, but knows plenty of people who use 1Password and KeePass, and that he doesn’t have a strong reason to recommend one over another. | Mr. Larson recommends password managers, which help store many passwords, with one master password. He said that he uses LastPass, but knows plenty of people who use 1Password and KeePass, and that he doesn’t have a strong reason to recommend one over another. |
| Not every security expert trusts password managers. Some noted that LastPass itself got hacked last year. | Not every security expert trusts password managers. Some noted that LastPass itself got hacked last year. |
| So that means you may want to write them down in one secure location, perhaps a Post-it note at home. It seems more far-fetched that a hacker would bother to break into your home for a Post-it note than find a way into your computer. | So that means you may want to write them down in one secure location, perhaps a Post-it note at home. It seems more far-fetched that a hacker would bother to break into your home for a Post-it note than find a way into your computer. |
| If you take that route, we suggest setting a weekly or biweekly calendar reminder to change your passwords. | If you take that route, we suggest setting a weekly or biweekly calendar reminder to change your passwords. |
| As far as making passwords up goes: Don’t be precious about it. Use a random word (an object near you while you’re hunched over your Post-it), scramble the letters and sprinkle in numbers and punctuation marks. If you’re writing passwords down, you don’t have to worry about making them memorable. | |
| When you turn this step on, anyone trying to sign in to your email from new devices will have to go through a secondary layer of security: a code to access the inbox that is sent to your phone via text message. (Though sadly, not through Signal.) | When you turn this step on, anyone trying to sign in to your email from new devices will have to go through a secondary layer of security: a code to access the inbox that is sent to your phone via text message. (Though sadly, not through Signal.) |
| Here’s the link for turning on two-factor authentication for Gmail accounts. | Here’s the link for turning on two-factor authentication for Gmail accounts. |
| Here’s the one for Yahoo accounts, and here’s one you can use for Outlook accounts. | Here’s the one for Yahoo accounts, and here’s one you can use for Outlook accounts. |
| You can also set two-factor authentication for social media accounts and other sites. But email is the most important account, since many sites use email for password recovery, a fact that has been exploited by hackers. Once they have access to your email, they can get access to banking, social media, data backups and work accounts. | You can also set two-factor authentication for social media accounts and other sites. But email is the most important account, since many sites use email for password recovery, a fact that has been exploited by hackers. Once they have access to your email, they can get access to banking, social media, data backups and work accounts. |
| Mr. Marlinspike recommended this plug-in, developed by the Electronic Frontier Foundation, a digital security organization. It ensures that you are accessing the secure form of websites, meaning that your connection to the site will be encrypted, and that you will be protected from various forms of surveillance and hacking. | Mr. Marlinspike recommended this plug-in, developed by the Electronic Frontier Foundation, a digital security organization. It ensures that you are accessing the secure form of websites, meaning that your connection to the site will be encrypted, and that you will be protected from various forms of surveillance and hacking. |
| Download HTTPS Everywhere for Chrome here. For Firefox here. | Download HTTPS Everywhere for Chrome here. For Firefox here. |
| Here’s a list of FAQ’s about the plug-in, including whether it is available for other browsers. | Here’s a list of FAQ’s about the plug-in, including whether it is available for other browsers. |
| And this is a good time to note that you should always be aware whether the Wi-Fi network you’re using is secure. Public networks — and even private networks without security keys — often are not. | And this is a good time to note that you should always be aware whether the Wi-Fi network you’re using is secure. Public networks — and even private networks without security keys — often are not. |
| You may be in such a hurry to use this feature, available on Chrome, Safari and Firefox, among other browsers, that you do not heed its clear warning. | You may be in such a hurry to use this feature, available on Chrome, Safari and Firefox, among other browsers, that you do not heed its clear warning. |
| On Chrome, the second paragraph of the “incognito” home screen is clear. | On Chrome, the second paragraph of the “incognito” home screen is clear. |
| “You aren’t invisible,” it says. “Going incognito doesn’t hide your browsing from your employer, your internet service provider, or the websites you visit.” | “You aren’t invisible,” it says. “Going incognito doesn’t hide your browsing from your employer, your internet service provider, or the websites you visit.” |
| Mr. Larson recommended Tor in his article, a browser that allows for private web activity. But we’re not going to recommend that here, mostly because Tor is relatively slow and clunky at the moment. | Mr. Larson recommended Tor in his article, a browser that allows for private web activity. But we’re not going to recommend that here, mostly because Tor is relatively slow and clunky at the moment. |
| “I’ll be honest, I don’t use it very often,” Mr. Larson said. | “I’ll be honest, I don’t use it very often,” Mr. Larson said. |
| He said that he suspected other browsers would start adding ways to browse more securely. | He said that he suspected other browsers would start adding ways to browse more securely. |
| “Apple is very security conscious,” he said. “I wouldn’t be surprised if they started to incorporate Tor-like features into Safari.” | “Apple is very security conscious,” he said. “I wouldn’t be surprised if they started to incorporate Tor-like features into Safari.” |
| Mr. Larson said that if people were paranoid about Google, he would strongly encourage them to use DuckDuckGo, an alternative search engine. | Mr. Larson said that if people were paranoid about Google, he would strongly encourage them to use DuckDuckGo, an alternative search engine. |
| He said however, that he personally, was not paranoid. | He said however, that he personally, was not paranoid. |
| “Google is built on the hacker ethic and they have put principle above profits in some aspects,” he said. | “Google is built on the hacker ethic and they have put principle above profits in some aspects,” he said. |
| But he also acknowledged that he meets “people all the time who are extremely skeptical of any large software organization and I think that’s reasonable.” There are trade-offs. Google’s search results are more useful and accurate than competitors’ precisely because of the ways it collects and analyzes information about its customers’ searches. | But he also acknowledged that he meets “people all the time who are extremely skeptical of any large software organization and I think that’s reasonable.” There are trade-offs. Google’s search results are more useful and accurate than competitors’ precisely because of the ways it collects and analyzes information about its customers’ searches. |
| That way, if someone has found a way to compromise your computer, they cannot spy on you through its camera. | That way, if someone has found a way to compromise your computer, they cannot spy on you through its camera. |
| And yes, this happens. | And yes, this happens. |
| Happy encryption. | Happy encryption. |