The Case for Encryption

It’s hard to figure out where to begin a blog post about encryption. It’s like explaining air, or the sun. It’s sort of a given starting point that everything unravels without. Encryption, for those who have somehow stumbled on this blog by accident or may have forgotten my previous overviews of it, is basically using a code to hide your data. For example, when you were young, you may have used a hidden language to pass notes to your friends in class. Maybe A=1, B=2, etc. Or maybe you even drew your own unique symbols. Those are, technically, a type of encryption. Weak encryption, but still encryption nonetheless. More modern encryption protocols, like Signal and AES, are significantly more advanced, but at its root the concept is the same: we’re replacing easily understood words with complex substitutes and – in a perfect world – you can only figure out how to turn them back into the easily understood words with a “key,” which explains the code. In the grade school example I gave earlier, the “key” is knowing that A=1, B=2, and so forth. In more advanced software encryption, the key is your password or passphrase. This is, of course, a tremendously high-level overview that dramatically oversimplifies things, but it gets the basic point across.

Encryption is a concept that I harp on with every service I recommend, specifically what’s called “End-to-End Encryption” or “E2EE.” I’ve mentioned in other blog posts that technically a majority of the internet is encrypted when using HTTPS. Additionally, most services and websites offer at least a basic level of encryption when it comes to things like saving passwords, credit card information, and even sending messages. The thing is, those types of encryption only work against outsiders. Facebook messages, for example, are encrypted against anyone outside of Facebook. Google can’t read them, the random hacker can’t read them (technically), but Facebook employees can read them as if you had sent the messages to them. E2EE defeats this. E2EE messages can ONLY be read by you and the recipient, provided you used the service correctly. Even the provider can’t read them. For example, if both you and the recipient are using ProtonMail to email each other, Proton can’t read your emails. (Note: that’s an example of “using the service correctly.” It is outside the scope of this specific blog post to talk about how to use various services correctly, so make sure you understand what that means before assuming your privacy and security.)
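To make the difference concrete, here is a small added example (not part of the original post) that sends the same message through a pretend provider twice: once with link-only encryption, once with an end-to-end layer underneath. The names `Provider`, `send_link_only` and `send_e2ee` are made up for illustration, the SHA-256 keystream is a toy stand-in for a real cipher like AES, and the two users are assumed to already share a key.

```python
import hashlib
import os

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy cipher: XOR with SHA-256(key|nonce|counter). Illustration only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)  # fresh nonce per message, sent in the clear
    return nonce + _xor_stream(key, nonce, plaintext)

def unseal(key: bytes, blob: bytes) -> bytes:
    return _xor_stream(key, blob[:16], blob[16:])

class Provider:
    """Hypothetical messaging service; it stores whatever it can see."""
    def __init__(self):
        self.link_key = os.urandom(32)  # plays the role of the HTTPS session key
        self.stored = []

    def receive(self, wire: bytes) -> bytes:
        visible = unseal(self.link_key, wire)  # provider terminates the link layer
        self.stored.append(visible)
        return visible  # this is what gets relayed to the recipient

def send_link_only(provider: Provider, msg: bytes) -> bytes:
    wire = seal(provider.link_key, msg)  # protected from outsiders only
    provider.receive(wire)
    return wire

def send_e2ee(provider: Provider, user_key: bytes, msg: bytes) -> bytes:
    inner = seal(user_key, msg)  # key known only to sender and recipient
    return provider.receive(seal(provider.link_key, inner))

def demo() -> dict:
    msg = b"meet at noon"  # constructed sample message
    provider, user_key = Provider(), os.urandom(32)  # assumption: key pre-shared
    wire = send_link_only(provider, msg)
    relayed = send_e2ee(provider, user_key, msg)
    return {
        "outsider_sees_plaintext": msg in wire,
        "provider_reads_link_only": provider.stored[0] == msg,
        "provider_reads_e2ee": msg in provider.stored[1],
        "recipient_reads_e2ee": unseal(user_key, relayed) == msg,
    }
```

Calling `demo()` shows that the outsider never sees the message in either case, while the provider's stored copy is readable only in the link-only case.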

Encryption, however, is not limited simply to your communications. Encryption can be used on your various devices to protect them when not in use. And I recommend this, especially for devices that are prone to being lost or stolen, such as phones, laptops, and tablets. Encrypting these devices ensures that even if your device is lost or stolen, your sensitive personal information is safe from whoever finds it.

Apple recently released a commercial that announces (accurately) that there is a ton of private information on your phone. Contacts, health information, diet information, communications, a history of where you've been, and more. Even if backed up to the cloud, think about what all that information reveals about you. Pictures, some of which may be very personal. Apps that are always logged in to your accounts. Bank information. Maybe your map program even has your home or office saved in it. And now imagine any random stranger downtown having that information to peruse freely.

For that reason alone, I highly encourage everyone to encrypt their devices. According to Statista, the number of lost or stolen devices ranges from 45% to 20%, depending on age range. This number is from 2012, and is the most recent, credible source I could find. One article from the Daily Texan in 2014 claims that number is on the rise. Digital Trends reported over 1 million devices stolen in 2014 (not including lost devices). I expect the numbers continue this trend into the current year. The math is not in your favor.

Encrypting devices varies from operating system to operating system, and it changes quickly. At the time of this writing, my research indicates that iPhones are encrypted automatically by adding any kind of login security (passcode, fingerprint, etc). Android devices, on the other hand, must be encrypted via the “Security” options under “Settings.” Be sure to back up your device first and keep it plugged in while it encrypts, as it has been known to take some time and can sometimes go wrong.

For desktop operating systems, MacBooks have their own built-in encryption software called “FileVault” located under “Security and Privacy” in the “System Settings” menu. Windows 10 devices come in several flavors, technically, and some of the more advanced-level flavors (Pro and Education, for example) come with a program called BitLocker, which is basically Microsoft’s answer to FileVault. Since most of us reading this are likely using Windows 10 Home, there’s a solution that doesn’t cost $100+: a free, open source program called VeraCrypt. It can be a little bit intimidating, but it’s not as scary as it seems. Here’s a guide on exactly how to encrypt your Windows computer using it.

Enabling encryption on all your devices is a good idea, especially – again – on devices that you are likely to leave the house with or that are easily stolen, such as phones, tablets, and laptops. At the very least, encrypting these devices will ensure that your personal data gets erased rather than accessed and abused by any would-be thieves. The negatives of encryption are minimal, almost to the point of being nonexistent in my opinion, with one major exception: be sure not to lose or forget your password, or else you’ll be locked out for good. Most of these encryption features are powerful and effective, meaning that without the key, you’re in trouble. Keep that password somewhere safe and secure, and hopefully you’ll be one of the lucky ones who never has to worry about this stuff.