# Encrypt your Data! # "why encrypt?" -> "why not?!" "it's hard!" -> "it's not." "but i got nothing to hide." then you got nothing to lose. :) "i am not an interesting person.. my data is worthless." maybe you are not yet interesting now. but some day you might. and by then all the information about you will be useful - to someone else. why give it to them without effort? besides: if your system encrypted all the data before sending it away and all automatically without any effort to you.. would you mind? when companies (banks) tell you that you *must* use encryption to secure your data (eg for online banking) then why don't you use it for everything else (chat, emails, files..) as well? however, when your government tells you to use *less* secure cryptography (to encrypt your personal data) doesn't that make you feel like a second class citizen? why would a good citizen use something less secure - while the "bad ones" use whatever they want? remember: "If privacy is outlawed, only outlaws will have privacy." "but THEY can crack anything, anyway." no, they can't. finding your secret key in a short amount of time is highly unlikely. besides, cracking the crypto algorithms isn't the goal as the algorithms are mostly open to everyone, anyway. it is about finding the keys only. and the keys are taken a set of huge numbers. guessing one of 14million numbers, ie "winning the lottery" is a much simpler task. "installing programs, configurations, and all those commands - that's a lot of work. i dont want all that. life should be easy." well, once you know you definitely need it, it might be too late. because until then, you have been communicating in the open and have allowed everyone to copy and read all messages very easily. "which system is the most secure?" the system that you know. so - *know* your system! learn something about it. read. discuss. test it. "i'd rather use a system where i don't have to worry about cleaning up all those data.." well - try TAILS then. when you shut it down, then it will forget about everything. that's why it is "The Amnesic Incognito Live System". "but won't the use of encryption alert the authorities even more than sending every message in plain text?" when everyone is using encryption then this *is* normal - and noone stands out. "so.. i should encrypt. but why encrypt everything rather than only the important messages?" when every of your encrypted messages contains the really important information then it tells your adversaries just that: it *is* important. it is worthy of attacking and decrypting. when you encrypt everything then the attackers might be losing their money, resources, and time by decrypting something quite unimportant. "but.. how do you use that system then?" well - join a cryptoparty - and just ask. :-) to encrypt messages your software needs the public key of the recipient. here is mine: gpg: 8000R/0185391B [2014-03-11] mailto: guckes(dot)crypto(at)guckes(dot)net # Food for Thought # some questions as food for thought: * are copies of data you gave away still your data? * are data *about* you really *your* data? * can you access all copies of your data? * if you can - are you allowed to modify those copies? * how can you prove that some data has actually been created by you? some ideas: * put a watermark into your data. * add a license to your data. * add a digital signature to your data. # Statements # protect privacy! open public data! protect private data. use public data. "we need transparent governments.. not transparent citizens." "governments which have nothing to hide do not need to be afraid of wikileaks." ;) "People should not be afraid of their governments. Governments should be afraid of their people." 2018-04-06 by Sven Guckes http://www.guckes.net/talks/encrypt_your_data.txt EOF