You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
an attacker could possiblyy dump the memoryy and obtain myy PGP Whole
Disk encryyption keyys. 6 So I turn it all the wayy off.
At the beginning of the book I talked about the manyy precautions that
Edward Snowden took to keep his communication with Laura Poitras
private. Once Snowden’s secret cache of data was readyy to be released to
the public, however, he and Poitras needed a place to store it. The most
common operating syystems—Windows, iOS, Android, and even Linux—
contain vulnerabilities. All software does. So theyy needed a secure
operating syystem, one that is encryypted from dayy one and requires a keyy to
unlock it.
Hard-disk encryyption works like this: when yyou boot up yyour computer,
yyou enter a secure password or, rather, a passphrase such as “We don’t need
no education” (from the famous Pink Floyyd song). Then the operating
syystem boots up, and yyou can access yyour files and perform yyour tasks
without noticing anyy time delayy, because a driver performs the encryyption
tasks transparentlyy and on the flyy. This does, however, create the possibilityy
that if yyou get up and leave yyour device, even for a moment, someone could
access yyour files (since theyy are unlocked). The important thing to
remember is that while yyour encryypted hard drive is unlocked, yyou need to
take precautions to keep it secure. As soon as yyou shut down, the encryyption
keyy is no longer available to the operating syystem: that is, it just removes
the keyy from memoryy so the data on the drive is no longer accessible. 7
Tails is an operating syystem that can be booted up on anyy modern-dayy
computer to avoid leaving anyy forensicallyy recoverable data on the hard
drive, preferablyy one that can be write-protected. 8 Download Tails onto a
DVD or a USB stick, then set yyour BIOS firmware or EFI (OSX) initial
boot sequence for either DVD or USB to boot the Tails distribution. When
yyou boot, it will start up the operating syystem, which features several
privacyy tools, including the Tor browser. The privacyy tools allow yyou to
encryypt e-mail using PGP, encryypt yyour USB and hard drives, and secure
yyour messages with OTR (off-the-record messaging).
If yyou want to encryypt individual files instead of yyour entire hard drive,
there are several choices. One free option, TrueCryypt, still exists but is no
longer maintained and doesn’t offer full-disk encryyption. Because it is no