A simple password stops criminal types gaining access to your machine, but doesn't protect your data if the hard drive gets removed, or stop attempts to intercept your internet connection. To achieve that goal, you need encryption, but it can be a confusing topic. Here are the basics everyone needs to know.
What is encryption?
In really simple terms, encryption is like the secret code systems you might have played with as a child. For instance, take this sentence:
This is the saddest story I have ever heard.
If you replace every letter with the letter two places before it in the alphabet (so A becomes Y, E becomes C, S becomes Q and so on), the sentence becomes impossible to read:
Rfgq gq rfc qybbcqr qrmpw G fytc ctcp fcypb.
Gibberish, right? But if you know the method used, it's possible (though laborious) to restore the original characters (a process known as decryption) and read the text.
Making that change is a fiddly task for a human, but easy for a computer. While the methods used are much more complex, encryption involves transforming the information stored on a machine or transmitted over the net so that it doesn't make sense if you don't know the transformation involved. With modern computers, that's not difficult to do "on the fly", meaning information can be stored or transmitted in "encrypted" form and then transformed back the original format as needed.
The example of a secret code given above is actually trivially easy for a computer to solve (attempting every possible shift of letters and seeing which ones produce recognisable words is a process that can be completed in no time at all with the right approach). Modern encryption systems use much more sophisticated systems involving mutually-agreed passwords -- often referred to as keys -- and complicated mathematical methods. But in practical terms, what you need to understand is that encrypted data can't readily be decrypted if you don't know the encryption method used and the relevant key or keys.
The word 'readily' is important in that last sentence. Given sufficient time, powerful computers can attempt to 'crack' encrypted information. Much security research concentrates on identifying flaws in current encryption schemes that could potentially make information vulnerable without needing all that processing. So these solutions aren't perfect, but they'll dissuade all but the most dedicated of intruders.
This is the same principle that applies in most areas of security. A locked door isn't absolute protection; someone who knows how to pick locks or is armed with an axe could still get through. But given the choice, many criminals will simply aim for the unlocked house next door instead. (It also means that rules for sensible password choice remain vitally important; if it's easy to guess that information, much or all of the value of encryption will disappear.)
Encrypting your local data
The main reason to encrypt data stored on your computer is so that it can be kept private and not readily accessed by others. Since you'll already have a password on your system (won't you?), your personal information shouldn't be easily viewable anyway, but encryption adds an extra level of protection for confidential business information, passwords, private photos and anything else you don't want to share around.
Windows 7 includes its own encryption system known as BitLocker (though not in the Home versions of the product), while Mac OS X Lion includes FileVault. However, there are also lots of other freeware and paid options to set up encryption, and we've detailed how to use some of them in the links later on in this article. Depending on the software you use, you can choose whether to encrypt individual files, folders or even the entire operating system (though taking this last option will sometimes slow your system performance a little).
For what it's worth, if you end up involved in a criminal case, you may well be ordered to provide encryption keys on relevant computer systems. How that will play out varies a lot depending on the country you're in, but refusing to supply that information might be seen as an admission of guilt.
Encrypting your connection
Using Wi-Fi for internet access is very convenient, but there's a trade-off in terms of security. It's a relatively trivial task to intercept Wi-Fi data, which potentially means that a hacker could access passwords and other sensitive data in transmission. To avoid this, many web sites use HTTPS, a protocol for encrypting data being sent between sites. Because the information is encrypted and can only be decrypted by the site it is being sent to, the security risk is much lower. You can generally identify an HTTPS connection by a closed padlock symbol used in the address bar.
HTTPS has been widely adopted, and some sites (including Google) mandate its use whenever accessing sensitive services. Check out our more detailed discussion about why you should care about HTTPS when online for more information. There's also a handy browser extension, HTTPS Everywhere, which enforces HTTPS use on a wide range of popular sites.
Now that you understand encryption's purpose, check out some of Lifehacker's specific guides to encrypting and protecting your personal data, both on your machine and when being transmitted over the net:
For your computer and phone:
- Five Best File Encryption Tools
- Without A Trace: Turn Your Flash Drive Into A Portable Privacy Toolkit
- How To Encrypt, Hide Your Entire Operating System From Prying Eyes
- Your Passwords Aren’t As Secure As You Think
- How To Protect Your Privacy When You Willingly Share Your Computer
- How To Add A Second Layer Of Encryption To Dropbox
- How To Encrypt All Internet Use On Your Android Phone
For safer net usage:
- HTTPS Everywhere Keeps Your Personal Information Safe On Over 1400 Sites
- How To Secure And Encrypt Your Web Browsing On Public Networks (With Hamachi And Privoxy)
Lifehacker 101 is a weekly feature covering fundamental techniques that Lifehacker constantly refers to, explaining them step-by-step. Hey, we were all newbies once, right?