How Do You Keep Your Data Private?
Penelope Pitstop
Community Member
Hello all,
I think 1PW is brilliant and I couldn’t imagine being without it. Friends and relatives complain about my continual nagging for them to buy it.I just wish I could enjoy the same combination of privacy and convenience for the rest of my data across all my devices.
I’m not sure but I think a complex passcode on iOS keeps all the data on those devices private (http://support.apple.com/kb/HT4175) and iCloud uses encryption (http://support.apple.com/kb/HT4865). Is that correct or am I misinformed?
If iOS/iCloud data privacy is assured by design. This means that I only have to be concerned with OS X and Windows.
For OS X, FileVault 2 seemed to be the solution on the surface. I tried it for a few months and found it to be rock solid. I loved the automatic nature of it - just like 1PW. However it is not without issues.
Firstly, your data is only encrypted when the device is completely shut down. So if you just shut the lid on a notebook to put it to sleep, your data is not encrypted. This wouldn’t be a problem but unfortunately FV 2 seems to dramatically lengthen shutdown and startup times. This makes effective use of FV 2 intrusive. Secondly, FV 2 seems to fragment your hard drive. Thirdly, FV 2 renders things like Undercover useless if the computer was shutdown since you can’t have a guest user that would run it.
Partial solutions like encrypted disk images require you to manually manage what you encrypt and when you open/close them.
So I guess I'm just coming to terms with the usual tradeoff between security and convenience but I'm curious, what do you do to keep your data private?
I think 1PW is brilliant and I couldn’t imagine being without it. Friends and relatives complain about my continual nagging for them to buy it.I just wish I could enjoy the same combination of privacy and convenience for the rest of my data across all my devices.
I’m not sure but I think a complex passcode on iOS keeps all the data on those devices private (http://support.apple.com/kb/HT4175) and iCloud uses encryption (http://support.apple.com/kb/HT4865). Is that correct or am I misinformed?
If iOS/iCloud data privacy is assured by design. This means that I only have to be concerned with OS X and Windows.
For OS X, FileVault 2 seemed to be the solution on the surface. I tried it for a few months and found it to be rock solid. I loved the automatic nature of it - just like 1PW. However it is not without issues.
Firstly, your data is only encrypted when the device is completely shut down. So if you just shut the lid on a notebook to put it to sleep, your data is not encrypted. This wouldn’t be a problem but unfortunately FV 2 seems to dramatically lengthen shutdown and startup times. This makes effective use of FV 2 intrusive. Secondly, FV 2 seems to fragment your hard drive. Thirdly, FV 2 renders things like Undercover useless if the computer was shutdown since you can’t have a guest user that would run it.
Partial solutions like encrypted disk images require you to manually manage what you encrypt and when you open/close them.
So I guess I'm just coming to terms with the usual tradeoff between security and convenience but I'm curious, what do you do to keep your data private?
0
Comments
-
The following is just my opinion: I don't consider Dropbox or iCloud "safe". In todays world I don't think it is smart to give any company (be it Google, Apple or Dropbox) access to your personal data. Why do you think, Google pays people (in Amazon checks, http://www.heise.de/newsticker/meldung/Google-sucht-Chrome-Nutzer-fuer-Studie-1430447.html , german) to provide their complete data information? People need to realize that with Google *they* are the product. They are the ones getting analyzed by algorithms.
"What do you do to keep your data private?"
-> Use disk and mail encryption. Don't give away personal data and sync via USB not WLAN or even iCloud or Dropbox. Simple as that.0 -
Partial solutions like encrypted disk images require you to manually manage what you encrypt and when you open/close them.
I've found this to be the best option for my needs. Knox works well for my use case. It makes "manually managing" encrypted disk images (or "vaults" as we call them) trivial.FV 2 renders things like Undercover useless if the computer was shutdown since you can’t have a guest user that would run it.
Precisely why I use Knox with more selective encryption rather than FileVault.
YMMV.
0 -
khad wrote:
I've found this to be the best option for my needs. Knox works well for my use case. It makes "manually managing" encrypted disk images (or "vaults" as we call them) trivial.
Knox can't be beat for ease of use on OS X. TrueCrypt is ugly and considerably more complex, but it lets you mount your secure volumes in OS X, Windows, and Linux, and the newest version runs on Lion and 64-bit Snow Leopard.0 -
Thank you all for your replies.
@benfdc, Thanks for the link to spideroak. I wasn't aware of them. I'm obviously missing something. How does that service take care of encrypting your local hard drive?
@khad, I've tried Knox and I think it is a great product. Maybe I'm missing something but I don't think it overcomes the issue I was talking about. If I shut the lid on my MacBook whilst vaults are open, they aren't locked automatically like a 1PW keychain are they?
Also, how would you sync data in a vault with an iOS device?0 -
@khad, I've tried Knox and I think it is a great product. Maybe I'm missing something but I don't think it overcomes the issue I was talking about. If I shut the lid on my MacBook whilst vaults are open, they aren't locked automatically like a 1PW keychain are they?
No, Knox will never automatically unmount/close vaults. This is intentional because there are not always reliable ways to tell if there is a file still opened from the vault. Unmounting when you lock the machine could very likely lead to data loss.
Also, how would you sync data in a vault with an iOS device?
I don't know of a good solution at this time. Nothing I store in my vaults is anything that I need access to when I am on the go. In the same way that I don't carry around physical files like my old tax information, birth certificate, etc., There is stuff that I need to keep securely but am okay with not having constant immediate access to.
Again, YMMV...0 -
Penelope Pitstop wrote:@benfdc, Thanks for the link to spideroak. I wasn't aware of them. I'm obviously missing something. How does that service take care of encrypting your local hard drive?
SpiderOak doesn't protect data on your computer (except in the sense that secure offsite backup constitutes an important form of protection). SpiderOak is primarily a sync service along the lines of Dropbox or SugarSync, but with a completely different security architecture. When you use SpiderOak your data resides on the company’s servers in the form of encrypted blocks. If you stick to the basics and steer clear of features like share rooms and web access, there will be no information on SpiderOak’s servers about the contents of your files, or their names, or the number of individual files, etc.
If you will, SpiderOak is to Dropbox as Hushmail is to Hotmail.
I'm a happy user of SugarSync and Dropbox, but for sensitive files (TurboTax, Quicken, and the like) I rely on SpiderOak. If I need to secure stuff on my hard drive, I rely on encrypted .dmg files (what Knox uses) or, if cross-platform access to the data is required, TrueCrypt volumes. A third option I’ve played with but never made serious use of is an Ubuntu 11.10 virtual machine with an encrypted home directory that I run in VirtualBox.0
This discussion has been closed.