It's time for you (yes, you) to learn about data encryption. And Iwon't tolerate any debate.
I realize that for most users, encryption is like the section ofthe video store that sells the smutty Japanese horror occultcartoons. You're aware it's there, but it's just a blur on your wayto the Simpsons Season Three boxed set.
Well, sit tight, sensation-seekers, because the day is fastapproaching when no sensible computer user should go out in the wide,wild world without a working knowledge of Vampire Princess Miyu orTenchi Muyo.
Why? Well, for one, your computer's more vulnerable now than itever was. You have a big, broadband pipe to the Internet that's on 24/7, and while you've installed firewall software to defend your PCagainst unauthorized remote access no protection is 100 percenteffective.
Even if your PC is secure, how's that mail server you justtransmitted a confidential report through? How's the hard drive ofthe person who received it?
Furthermore, more of your personal business is being conducted viayour PC. Five years ago, the worst that people could get off yourmachine would have been a set of game high scores and a collection oflight bulb jokes. Today, there's hardly a piece of financial orpersonal information that doesn't sit on your drive somewhere.
If you're not worried about someone breaking through yourfirewall, you ought to be worried about someone breaking into yourhouse and running off with your laptop. You didn't think about that,did you?
It's time for some added vigilance. PGP (pretty good protection)is the current de-facto standard for personal encryption. Head towww.pgp.com, where both free and commercial ($50) versions of PGPsoftware are available for both Windows and MacOS.
When you first install the PGP software, you choose a long,impossible-to-guess private key. We're not talking about somethingsimple like "swordfish" or "sesame" here; we're talking about"marleywasdeadtobeg1nw1ththerewasnodoubtaboutthat4242" because that'sthe magic key that can unlock anything and everything you'veprotected via PGP.
Here's what the app can do for you.
For starters, the commercial version can create a virtual "PGPDisk." This is a chunk of your hard drive in which every scrap ofdata is automatically encrypted when it's written and decrypted whenit's read. Think of it as a locked file cabinet in your office. It'sinaccessible until you specifically open it and enter your key, atwhich time the OS treats it like a removable volume.
As soon as you tell PGP to unmount the PGP Disk--or if you putyour laptop to Sleep or if X minutes pass without your accessing it--PGP closes the disk, locks it and hides it away again. The advantageover a real filing cabinet is that its entire contents are unreadablegarbage without the right key.
The second half of PGP's features will protect your e-mail. Fromyour private key, PGP generates a "public key:" a block ofgobbledygook that will allow a third party to encrypt a message or afile so that only your private key can decrypt it.
It's sort of like having an enormous box of padlocks that all usethe same key. You can openly send a lock to a friend, he snaps itaround whatever he wants to send you, and then even he can't read itin transit. Not by grabbing it off a server or sniffing the networktraffic: no way, no how, not without help from the gummint.
You don't even have to send someone your public key first. "Keyservers" are centralized storehouses of the things; ask it "What'sGern Blanstev's public key?" and it'll tell you--though of coursethere's no assurance that this is the specific Gern Blanstev you'relooking for.
In the field of security, the stakes have gone sky-high. It'slamentable that you need to start learning about such things, in muchthe same way that it's lamentable that you can no longer simply hitch-hike your way across the country any more. But it's necessary.
Ignorance is deadly.
Andy Ihnatko writes on computer issues for the Sun-Times.
Комментариев нет:
Отправить комментарий