Today's article is based on a question someone sent via the linux-tips.us site...

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
11,499
Reaction score
9,998
Credits
95,342
I don't normally encourage questions but it doesn't annoy me or anything. I usually just don't have time to encourage it and, frankly, I don't always know the answer. I don't have the time to research for answers I don't have.

The question asked was 'how would I encrypt a USB drive' and I didn't quite answer that. Instead, I answered with how I'd suggest others encrypt a USB thumbdrive. I'd use a tool called cryptsetup but that's not what I'd suggest using. I'd suggest just using Gnome Disks and having a fancy GUI to encrypt your thumbdrives.


So, it made a good enough article, I think. I didn't take screenshots because it was an emailed response. I do think it was described accurately enough. I don't think I missed any steps. As always, I do love me some feedback. That makes the articles so much better.
 


This is a helpful hint. I have had some small experience with encryption over the years. I would like everyone to think about the following:

Remembering The Passphrase Or Password
Recall can be fickle. Ask yourself why every online service has "forgot password" as their primary support question that appears everywhere? Can you truly remember something that may sit dormant for years? ... and keep remembering it as you age? I was overconfident and cocky about remembering sensitive information in my day, too. When was the last time you signed or encrypted email with PGP? Do you remember the passphrase if you had to open an old encrypted email? Do you still have the private keys?

Recovering The Passphrase Or Password. What Happens When You're Gone?
What if something happens to the person or people who know it? Do you have an emergency method so your loved ones could recover the data that you want them to have? Can they figure out how to turn off software subscription charges and renew your family domain names before they expire? My children know how to find the instructions I left them in case of the unexpected. When family visits from out of state, we swap backup drives, too.

Finding The Equipment and Software Tools You Need Later, To Recover The Data Over A Long Time
I needed to recover some source code from the 1990s, and it was on a CD, encrypted. It took hours to locate an old system that could read the data, an installer for the old encryption tools that were used, and the passphrase. That could have been the tip of a large iceberg of lost data.

This is a specific case of a more generalized data medium and format obsolescence problem that we all know. I have "data" on: Floppy disks, CD-R and DVD-R, 8mm digital video tapes (our family videos), vinyl records, VHS tapes, etc. etc. etc. Some of it has shown signs of decay over time, while others are in formats that cannot be read. Sometimes the issue is you cannot obtain a device that can read it. (I finally gave up trying to recover some important data from a very old floppy format. "Modern" floppy drive hardware cannot read that old format, which is physically different than other formats. I finally destroyed those floppies about a year ago.)

-> Adding encryption to the mix decreases your chances of recovering your data when you want it, especially long term. It also decreases the chances that bad guys will get your data, and that is why you use it.
 
Ask yourself why every online service has "forgot password" as their primary support question that appears everywhere?

I use 'forgot password' as my password manager unless I access the site frequently. I just mash whatever keys I want and use that as my password - with no intention to remember it. If it's a site I don't care about, I might use a REALLY simple password. I do not care if other people use the account, Hack away and have fun.

That's maybe getting less true, as I've been playing with a password manager again.
 
I use a password manager to generate unique, strong, very long, random passwords. I store them locally. I keep my own backups and never "sync" them on the internet. My approach is simple, straightforward, and secure. KISS.
 
Yeah, local storage only for the password manager. I'm not going to store my passwords in the cloud (on a computer not controlled by me). I know, they're encrypted. I still don't care.
 
This is a helpful hint. I have had some small experience with encryption over the years. I would like everyone to think about the following:

Remembering The Passphrase Or Password
Recall can be fickle. Ask yourself why every online service has "forgot password" as their primary support question that appears everywhere? Can you truly remember something that may sit dormant for years? ... and keep remembering it as you age? I was overconfident and cocky about remembering sensitive information in my day, too. When was the last time you signed or encrypted email with PGP? Do you remember the passphrase if you had to open an old encrypted email? Do you still have the private keys?

Recovering The Passphrase Or Password. What Happens When You're Gone?
What if something happens to the person or people who know it? Do you have an emergency method so your loved ones could recover the data that you want them to have? Can they figure out how to turn off software subscription charges and renew your family domain names before they expire? My children know how to find the instructions I left them in case of the unexpected. When family visits from out of state, we swap backup drives, too.

Finding The Equipment and Software Tools You Need Later, To Recover The Data Over A Long Time
I needed to recover some source code from the 1990s, and it was on a CD, encrypted. It took hours to locate an old system that could read the data, an installer for the old encryption tools that were used, and the passphrase. That could have been the tip of a large iceberg of lost data.

This is a specific case of a more generalized data medium and format obsolescence problem that we all know. I have "data" on: Floppy disks, CD-R and DVD-R, 8mm digital video tapes (our family videos), vinyl records, VHS tapes, etc. etc. etc. Some of it has shown signs of decay over time, while others are in formats that cannot be read. Sometimes the issue is you cannot obtain a device that can read it. (I finally gave up trying to recover some important data from a very old floppy format. "Modern" floppy drive hardware cannot read that old format, which is physically different than other formats. I finally destroyed those floppies about a year ago.)

-> Adding encryption to the mix decreases your chances of recovering your data when you want it, especially long term. It also decreases the chances that bad guys will get your data, and that is why you use it.
I do use a Password Manager but I also keep spiral bound notebooks beside each of my computers.
Whenever I make a new password for a new site/app or change a password I write it down so I always have a 'hard copy'.
I figure that this way in the event of my much lamented demise the family will be able to access all my data.
Good luck flipping back through ten or twelve years worth of notebooks kids!
(Perhaps this is one way to finally get them to RTFM!) LOL
 
Good luck flipping back through ten or twelve years worth of notebooks kids!

I've pondered various ways to send my kids on a wild goose hunt after my death. So far, my favorite idea is leaving cryptic clues at various locations and with various people. I'm not sure if I want to leave something special at the end, or if I want to leave a witty comment about how they should learn to appreciate the journey.

I've kept a journal, nearly daily, for a bit more than fifty years. They're all in separate composition notebooks, neatly organized year by year. During my academic life and my work life, I'd often keep a second journal.

So, I could pretend there's something hidden in those writings (there isn't anything) and send them on their merry way, reading all those journals...
 
I bet there is more than you may think.

By that I meant things like clues to find the hidden treasure. There are no clues in there.

There could be, easily enough. Though, it might be funnier if there were no clues and they thought there were clues.
 
I do use a Password Manager but I also keep spiral bound notebooks beside each of my computers.
Whenever I make a new password for a new site/app or change a password I write it down so I always have a 'hard copy'.
There is surely something to be said for "hard copy". Inscribed markings, like rock inscriptions, and "pencil and paper", though perhaps old technology, has such a well-honed proven record ... just fits my comfort zone too much to be abandoned.
 
Same here, I have a little notebook...... ;)
 

Members online


Top