Tales of encryption

PUBLISHED : Sunday, 23 July, 2006, 12:00am
UPDATED : Sunday, 23 July, 2006, 12:00am

People do important things on their Macs and, as such, the work they do must be kept private. My computer stores research notes, patents, business strategies, celebrity contact information, customer credit-card details, trade secrets - all things I would prefer unauthorised people never saw.

If you also value your privacy, here are a few things you should know about how transparent computers are. If your Mac is continuously connected to the internet, hundreds of automated hacking applications are attempting to gain access every hour. Because most of these are designed to take advantage of Windows' security flaws, the Mac's standard firewall settings will usually keep them out. However, there are dozens of software applications designed to discover your password and let the bad guys in. Some check all number combinations, some try all the words in a four-million-word dictionary and others try word and number combinations until access is gained.

The secret is to have a password that uses numbers and upper- and lowercase letters that don't form a dictionary word in any language. D*a456)( would be a good example. These passwords can still be discovered, but it might take the software 50 years.

If they can't gain access to your secrets via the internet, then the bad guys must directly access your Mac - by stealing it. You can still keep your secrets safe. First of all, forget FileVault, Apple's built-in encryption utility. It encrypts your entire home folder so that it's unreadable but it's tedious to use. For cheap and simple, you can lock a private folder using the Get Info window under the File menu. Something a little more secure would be Apple's Disk Utility, which can create a Sparse Disk Image containing all your private files. The Disk Image mounts on the desktop like a regular disk but it's fully encrypted and requires a password to open it.

The ultimate file encryption utility is Tresor (Euro25/$250; www.warlord.li/english/tresor.php). It's simple, intuitive and unbreakable provided you have a good password. Every time you do something on your computer you leave a trail of clues as to what you did, edited or viewed. Your Mac is filled with cache and log files for this purpose. Every application or application plug-in keeps these records. If you hide a file or make it invisible, these logs and caches will let a spy know where it's hidden. There are applications designed to securely erase some of these files such as NetShred (US$19.95; www.mireth.com), which deletes all history of your internet travels and e-mail correspondence. If you are working in an application such as Word, you will need Tiger Cache Cleaner (US$8.95; www.

northernsoftworks.com). Set it up to clean the caches and logs for the applications you work in most.

It all boils down to this: to prevent others from accessing secrets on your Mac, first use a good password. Encryption is the next line of defence. And great care must be exercised at all times.