We live in a very opressed world, where we are constantly being spied upon. Nobody is safe from spies and hackers, we all have crosshairs painted on our backs. Our digital data is very vulnerable, if left as it is, we must encrypt them to know for sure that they are private.
Why do we need Encryption?
Because Encryption secures personal property. If your cryptocurrency wallet is not encrypted, then the coins are not yours, because anyone can steal them. The same goes for your financial documents, identity documents,or other personal and financial info, or even your personal photos that you took with your loved ones and don't want to share with the world!
How to Encrypt Securely?
There are many encryption softwares that offer bulletproof encryption. Don't use those, they are either honey traps (malicious software setup by hackers to steal your data), or scams (promising some crappy software that they know doesn't deliver).
First of all, ditch Windows. If you want to be serious about encryption, ditch it. Windows can get access to your keys, so it doesn't matter what you do on it, it won't be safe.
So now that you use Linux, you have multiple options for multiple purposes:
1) Full Hard Disk Encryption
If you have a working PC where you do your work, you should encrypt all your hard disk, and for this we use LUKS, the built in Linux encryption system. When you setup your Linux, you are given an option to encrypt the entire drive. Do it. This way your data will be safe, especially physically, if someone were to get access to your PC, they cannot read the hard - disk, without knowing the keys.
https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup
2) File Encryption
For file encryption, I recommend Veracrypt, it's a successor to Truecrypt, which was unbreakable at that time, although it had other vulnerabilities. To cryber-security experts knowledge Veracrypt doesn't have any vulnerabilities, it has been audited and it's open-source, so you can verify the code.
It offers file encryption with AES-XTS cipher, Serpent, Twofish, and even a combination of them, in a nested format, one layer inside the other, providing very good security. It is pretty much unbreakable by brute force.
You can choose the file container's size, and add extra entropy with mouse movement, and such. It is very well built, with key stretching and many other hardening features that make it pretty much my favorite software.
It also has Plausible Deniability
feature, as you know the 5$ joke:
(Image Source: https://xkcd.com/538)
So if somebody wants to extort you for your data, you can always plausibly deny that you have them, or even mislead the attacker. As Veracrypt offers invisible containers:
- The outer layer contains fake-sensitive data or misleading data, that you don't need, but in case you are extorted, you can reveal this to the attacker, and he would never know that there is another layer.
- The inner layer contains the actual sensitive data that you want to protect, and the attacker can never differentiate the 2 layers from one another, nor prove the existence of this layer.
So you will have 2 passwords, 1 guarding the misleading data, and 1 guarding the actual data. Very genius!
Depending on how important information you hold (1 million Bitcoins) you can never be too careful, as we see more and more hackers and extorters coming after people, including, but not limited to the government.
This is your Encryption 101, if you have any questions, ask them in the comments! Just remember don't forget your password and don't have malware on your PC, otherwise encryption is useless.
There is no 100% secure encryption, the title was a little bit of a clickbait (sorry), but it all depends on how securely you use it, and how careful you are when browsing the web. You get a trojan, and all your encryption becomes worthless.
This is a good (general) piece about security and the role cryptography plays in it. I totally agree with you about how poor Windows security is. I explain the difference between the Linux security model and Windows' is that under Linux, everything is locked down and you must unlock things to provide access. In Windows everything is open and it must be locked down to secure it. Windows started under DOS which had ZERO security. Unix had security built in from the get go.
Nowadays Windows has important OS files protected and somewhat locked down, but it's a patchwork of security layers, not a well designed system, and loopholes and exceptions and different mechanisms used to protect different elements.
I would very much like to see a quality, comprehensive article on keyloggers and how to detect them. They can defeat the best security measures if one finds its' way onto your system. Linux/Max/Windows platforms are all vulnerable to keylogger exploits, which are usually invited onto your system through downloads, especially when you don't pay close attention to the options. Some companies like Oracle, go so far as to ignore users preferences and install bloatware / malware anyways, like the Ask toolbar. It's real easy to get infected by using Oracle's Java installer. Despicable practice, both by Oracle as well as the creators of the Ask toolbar.
Well I use Windows 7 on my laptop and yes it is very different from linux. It is still good for casual use and browsing social media, and software that doesnt work on linux, but if you want to keep money, above all, securely, then you have to ditch windows.
I see people on bitcointalk holding 1000-2000 BTC on Windows. What are they thinking?
IMHO, they aren't thinking very well!