Encrypting individual files
Does anybody know of any utilities that would allow me to encrypt individual files? I know of FileVault, but I'd rather use something that's part of a separate process requiring a separate password.
Any example of a file I want to encrypt is my tax return PDF.
If possible, I'd like something that's cross-platform.
Any example of a file I want to encrypt is my tax return PDF.
If possible, I'd like something that's cross-platform.
Comments
Opening a .dmg file puts an imaginary hard drive on your desktop. Drop your tax return into that drive, "eject" it, and now your tax return is in a nice, reasonably safe encrypted place. Of course, if you choose the option that's very easy to choose without thinking -- storing the password for your .dmg file in your Key Chain -- that reduces the effectiveness of the encryption a lot, since the data is then readily accesible whenever you're logged into your own account.
Oh, yeah... this is a Mac-only solution.
It's not encryption of an individual file exactly, but you can use Disk Utility to create a read/write disk image (.dmg) file, and specify encryption for that disk image. Choose a size for the disk image appropriate for what you'll be storing inside.
Opening a .dmg file puts an imaginary hard drive on your desktop. Drop your tax return into that drive, "eject" it, and now your tax return is in a nice, reasonably safe encrypted place. Of course, if you choose the option that's very easy to choose without thinking -- storing the password for your .dmg file in your Key Chain -- that reduces the effectiveness of the encryption a lot, since the data is then readily accesible whenever you're logged into your own account.
Oh, yeah... this is a Mac-only solution.
Thanks! Unless somebody replies with a better solution, this is what I'll do. I tested entering an incorrect password, and it refused to let me open the dmg, either from the GUI or from the command-line.
You're right in that Apple's absolutely retarded in making it way too easy for you to add the password to your keychain. Not only that, but everytime I open the file, there's a checkbox option for me to add the password to the keychain. Kinda defeats the purpose of encrypting your files, doesn't it?
You're right in that Apple's absolutely retarded in making it way too easy for you to add the password to your keychain. Not only that, but everytime I open the file, there's a checkbox option for me to add the password to the keychain. Kinda defeats the purpose of encrypting your files, doesn't it?
Not in the least. To access the data from keychain, you have to either be logged in or manually unlock that keychain. The keychain in itself is encryptedly stored. Therefore, for other users, the disk image is perfectly encrypted and inaccessible.
Not in the least. To access the data from keychain, you have to either be logged in or manually unlock that keychain. The keychain in itself is encryptedly stored. Therefore, for other users, the disk image is perfectly encrypted and inaccessible.
That's true but for shared single user systems, all it takes is to slip up once and forget that people can access your files very easily. One time at work, someone wanted to access something on my computer so I connected up to my machine through AFP little realising that the check box for Filevault was checked. One day I came in to find a bunch of folders with rude names on my desktop. It's not a big deal among friends but it makes it harder to ensure system security.
I always try and make sure that filevault isn't used for anything. I use read/write encrypted .dmgs for securing files too and if you go into Disk Utility, you can uncheck the preference that says to use Filevault. That should ensure that it is unchecked by default. You may also want to uncheck the verify image option to. This stops that verify stage (that you probably skip anyway) whenever you mount a disk image.
That's true but for shared single user systems,
I'm sure a lot of people make that mistake, but frankly, if you're going to go through the hoops of encrypting data, but at the same time share your user account, you have much bigger problems than the risk that someone will find out how to bypass your encryption.
Encryption should be an additional step on top of having cleanly separated user accounts. Imagine, for instance, someone booting into single-user mode, or someone taking your hard drive and inserting it into another machine. The file system's permissions (and thus, user accounts) can thus be easily bypassed, and that's where encryption starts to matter.
Encrypting your files yet sharing your account is just silly.
all it takes is to slip up once and forget that people can access your files very easily. One time at work, someone wanted to access something on my computer so I connected up to my machine through AFP little realising that the check box for Filevault was checked.
This is what the Public folder is for?
This is what the Public folder is for?
Yeah but I just needed to get something quickly. I've never used the public folder because I'd always have to move stuff in and out of the folder. It's definitely a habit to get into using the public folder because I've been working on a machine before and somebody uploaded new files and wrote over the ones I was working on.
encryptedly
PENALTY! Non-existent adverb!
PENALTY! Non-existent adverb!
Fine. "In an encrypted manner".