WikiLeaks – How safe is your data
With the latest announcements from WikiLeaks, based on information they somehow got from the CIA regarding how it hacks your devices, should we be worried? Can governments, whether our own or foreign, see what we are saying in supposedly private messaging apps? Is our data safe when we’re using apps like WhatsApp and Signal? Do we need to do anything to make ourselves more secure and to secure sensitive data? If these applications are insecure in the way the CIA is able to use them, what does that mean for our data privacy in general? If software has a back door put in there for governments to use, is that also a vulnerability which thieves and criminals could make use of?
The security of data in messaging apps
We should be safe when using messaging apps like Apple’s Messages, WhatsApp, Signal, Keybase or Telegram which say they have end-to-end encryption. We certainly are safe using these applications in terms of the man-in-the-middle attack. It’s not possible for a nefarious person of whatever flavour to read the messages as they travel down the Internet’s tubes from one user to another. Unfortunately, there are still vectors of attack which work along the same lines as someone looking over your shoulder while you are using your computer. If, for example, you are sitting in front of your computer using Messages to send delicate information to a friend, somebody standing behind you could see what is on the screen. In the same way, when the message arrives at its destination and the computer at the other end is insecure, there’s a vulnerability there too. How do we protect ourselves from people looking over our shoulders? How do we secure our computers and keep their data safe?
The first thing to do is to make sure you use a good password to access your computer. How strong and unbreakable that password needs to be depends upon a number of variables. If your computer is in a securely locked room in a secure building, containing data not particularly sought after by anyone, then you might only need a short, quick password. If you use your computer in a school or within an office and there are plenty of people wandering around, it’s a different matter altogether. You’ll want to make sure that your computer goes to sleep in a secure mode when you move away from it. If you think you’re not going to remember to do this every time you walk away, then change the settings. Make your computer go to sleep automatically inside of one minute if it’s not being used. Have a password which has enough entropy to be secure. This means you want a password which is long. It is possible to make passwords which, even though they’re long, are still easy to remember.
Good computer security
The good thing about our iPhone and the new MacBook Pro is that they are protected by biometric security in the form of fingerprints. It’s not possible for a bad person to access your computer without your thumb or fingerprint. In time all computers will be protected in this way, and to gain access we will have to use a fingerprint or an eye scan. It’s possible to set up a system where a computer will go into secure mode whenever you move more than a certain distance away from it. This can be set up with your Apple Watch or phone, and using Bluetooth it will know if you have gone more than one or two metres away from your computer. You can also set things up so that when you return it will unlock as soon as you are within the right distance from the machine again. If somebody takes the watch off your wrist and goes to your computer, then it shouldn’t unlock your computer. To secure sensitive data you will also have a password on your watch to prevent it from unlocking your computer.
Use two factor authentication to secure sensitive data
Use two factor authentication on your main accounts. So for accounts like email, Apple ID iCloud, Facebook, Twitter and those sorts of places you enter a time-sensitive code to get in. I can get the code from another device such as my Apple Watch, my iPhone, or my iPad. The way it works is that you still use your normal password (something you know) and then you’ll be required to enter another code, which only lasts for 30 seconds, from the other device (something you have). So even if somebody had your password to get into one of your protected accounts, such as your Gmail account, they still wouldn’t be able to get in. An advantage of 2FA is that you can use public computers to access these accounts. Even if those public computers are compromised, no one else will be able to access your data within those accounts. It still might not be a good idea to enter a load of sensitive data in case of a keylogger. More and more services are offering two factor authentication to help beef up your data security.
It is still possible to stay safe
- Secure messaging apps with end-to-end encryption are a good idea and still safe to use. Just make sure your device is as secure as it can be.
- Despite some of the sensationalism around the reporting of WikiLeaks revelations you’ll still be safe if you take basic precautions.
- Use two factor authentication and an application like Authy or Google two Factor Authenticator to secure sensitive data.
- Change the passwords on your most important accounts regularly; every six months is good. If you’ve used a public computer you should change your passwords at the earliest opportunity, even if you have been using two factor authentication, just to be safe!
Encryption of data on the computer
It is possible to encrypt the whole of your disk on your desktop computers. It’s more necessary to do something like this when you are using a laptop computer you travel with, or if the computer is in a public area such as an office where it could be tampered with or stolen. With this protection in place, if the computer is stolen the thief wouldn’t be able to take out the hard disk and have any way of accessing the data.
Use Pretty Good Privacy encryption to secure sensitive data
If you don’t want to encrypt the whole of the disk then you could just encrypt specific files. Use PGP or GPG to secure sensitive data by encrypting files and folders. Make sure you have good passwords, keep them safe in a password manager such as 1Password, and have a good password to protect your password vault.