[cryptography] Question About Best Practices for Personal File Encryption

Mark Thomas mark00thomas at gmail.com
Sat Aug 16 19:26:28 EDT 2014

We all know that a request from grieving family members or from the United States Government are answered in ways that the should only be justified for the other party (i.e.. saying “no" to the USG and “yes" to the family).

Never the less, I pose the original question again, without the Apple distractor:

What are you guys using to encrypt individual files and folders or even entire drives like a USB?

I am thinking that:

1. Any commercial product could be compromised and is possibly not completely secure.

2. It is probably open source.

3. It is probably implemented with the command line.

Am I on the right track? If so does anyone know of a helpful guide to get started with OpenSSL on the command line besides the man pages?



On 2014.08.16, at 5:11 PM, Jeffrey Walton <noloader at gmail.com> wrote:

> On Sat, Aug 16, 2014 at 5:21 PM, Christopher Nielsen
> <m4dh4tt3r at gmail.com> wrote:
>> On Aug 15, 2014 11:06 PM, "Mark Thomas" <mark00thomas at gmail.com> wrote:
>>> I have a question for the group, if I may ask it here and in this manner
>>> (?).
>>> What are you guys using to encrypt individual files and folders or even
>>> entire drives like a USB?
>>> I am thinking that:
>>> 1. any commercial product could be compromised and not completely secure.
>>> Like Apple’s FileVault2, which Apple has a key to.
>> The comment about Apple is simply false. Apple does not have a key to
>> FileVault2 unless you escrow your key with them. I know this because a dear
>> friend recently passed, and his family was not able to gain access to his
>> encrypted drives through Apple.
> You can't trust Apple as far as you can pick them up and throw them.
> There's nothing special about Apple, and others are just as bad.
> Also, less than one month old: "Apple Confirms 'Backdoors'; Downplays
> Their Severity", http://www.zdziarski.com/blog/?p=3466.
> And remember, according to Apple, they were not tracking users either.
> "Apple faces class action suit for tracking users without consent",
> http://nakedsecurity.sophos.com/2014/08/04/apple-faces-class-action-suit-for-tracking-users-without-consent/.
> And let's not forget this: "Apple deluged by police demands to decrypt
> iPhones", http://www.cnet.com/news/apple-deluged-by-police-demands-to-decrypt-iphones/.
> They've been caught lying so much they have no credibility.
> Sorry to hear about your friend. Apple's unwillingness to help allows
> provides them with cover. They can't have documented cases of
> circumventing their security controls. That's bad for business.
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20140816/94d3f076/attachment.html>

More information about the cryptography mailing list