All your files if placed in a cloud has the potential to be read or flagged for content. As a privacy-conscious user, it is important to take a look at secure encryption tools so that your data remains data meant for only your viewing. This includes viewing vis-a-vis robots as well. --- Encryption tools: Typical encryption setups for computers include BitLocker for Windows or [LUKS](https://gitlab.com/cryptsetup/cryptsetup/-/blob/main/README.md) for Linux. BitLocker is typically an enterprise encryption tool used for businesses but it can also be enabled on Home computers too if you follow these [instructions](https://www.privacyguides.org/en/encryption/#veracrypt-disk). Browser Based: - [Hat.sh](https://hat.sh) - provides file encryption within browser - ![[Pasted image 20230810192136.png]] Command Line: - [Kryptor](https://www.kryptor.co.uk) - a simple, modern, and secure file encryption and signing tool for Windows, Linux, and macOS. A leaner, user-firendly alternative to GPG. - [Veracrypt](https://veracrypt.fr/en/Home.html) - free open source disk encryption software - Quite popular. VeraCrypt main features: - Creates a **virtual encrypted disk** within a file and mounts it as a real disk. - Encrypts an **entire partition or storage device** such as USB flash drive or hard drive. - Encrypts a **partition or drive where Windows is installed** ([pre-boot authentication](https://veracrypt.fr/en/System%20Encryption.html)). - Encryption is [**automatic**, **real-time**(on-the-fly) and **transparent**](https://veracrypt.fr/en/Documentation.html). - [Parallelization](https://veracrypt.fr/en/Parallelization.html) and [pipelining](https://veracrypt.fr/en/Pipelining.html) allow data to be read and written as fast as if the drive was not encrypted. - Encryption can be [hardware-accelerated](https://veracrypt.fr/en/Hardware%20Acceleration.html) on modern processors. - Provides **[plausible deniability](https://veracrypt.fr/en/Plausible%20Deniability.html)**, in case an adversary forces you to reveal the password: **[Hidden volume](https://veracrypt.fr/en/Hidden%20Volume.html)** (steganography) and **[hidden operating system](https://veracrypt.fr/en/Hidden%20Operating%20System.html)**. - More information about the features of VeraCrypt may be found in the [**documentation**](https://veracrypt.fr/en/Documentation.html) - [Cryptomater](https://cryptomator.org) - for cloud encryption. - Cryptsetup - an open source utility for disk encryption - OpenPGP - Open Source implementation of Pretty Good Privacy. Has been around a long time. Good for encrypting email or digitally signing. - use future defauts when generating keys - When [generating keys](https://www.gnupg.org/gph/en/manual/c14.html) we suggest using the `future-default` command as this will instruct GnuPG use modern cryptography such as [Curve25519](https://en.wikipedia.org/wiki/Curve25519#History) and [Ed25519](https://ed25519.cr.yp.to/): ```gpg --quick-gen-key alice@example.com future-default``` - Email: - [Tutanota](https://tutanota.com) - privacy-conscious email service with great UI & updating for PQC algorithm-resistant software! ### Installing Cryptomater: 1. Install [MacFUSE](obsidian://open?vault=enter&file=Coding%20Tips%20(Classical)%2FTerminal%20Tips%2FComputers%2FApple%20Macbook%2FMacFUSE) 2. Download [Cryptomater](https://cryptomator.org/downloads/) 3. Follow the [documentation](https://docs.cryptomator.org/en/latest/desktop/getting-started/#desktop-getting-started) after installing to Applications. 1. Create new vaults or existing ones using `AddVault` button left hand corner ![[Pasted image 20230810193826.png]] ![[Pasted image 20230810193908.png]] ![[Pasted image 20230810193916.png]] ![[Pasted image 20230810193924.png]] ![[Pasted image 20230810193931.png]] ## Open an Existing Vault To open an existing vault, you need to locate the `masterkey.cryptomator` file of the vault you wish to open.