Internet privacy and security course
About translation
Previous Next

Chapter 106

The secrets of keeping your data concealed

If you live in a country with a clampdown on freedom of speech in place, and you can become arrested at any moment, have your equipment seized, your bank accounts locked, you must have thought about how to store your sensitive information properly: your passwords, business assets, backup copies, documents and designs…

External media like USB flash drive can be found, though if you have a secure hiding place you are confident about, this might be a sound solution. Cloud-based storages, as a rule, charge a monthly fee, and if you are unable to pay for them for a couple of months, your data will be removed. Moreover, there is the risk that a malicious intruder can obtain access to your computer, and if it is possible to remove your sensitive data from it, no one will able to prevent him from doing that.

Ordinarily, users use specialized software for syncing data with cloud storage or authorization in browser. A forensic expert would typically take no more than 10 minutes to discover all your cloud storages.

To erase your passwords, you can install Panic Button – an emergency data destruction system that instantly wipes passwords and a record of web pages you’ve visited in browsers. The future releases of Panic Button are set to offer you the option of switching off access to cloud storages obtained via software, but this won’t help you if your cloud storage becomes locked because of your failure to pay for them.

Storing your data with the help of your friends

The simplest way to go will be to find people who are trustworthy enough to store your sensitive data, for instance, by sending it over an instant messaging service. It is better to have several reliable people, you will also want them to live in different countries.

All your data is securely stored in an encrypted file-hosted volume, and you keep the password to this volume in your head so even if your friends will be itching to know its contents, they just won’t be able to do it. Give your volume a neutral name that won’t hint at the importance of your data even by indirect signs.  

If your equipment becomes seized, and you will be released a year later, all you will have to do is ask your friends to give your encrypted file-hosted volumes back and restore the access to your information. Besides, if you are behind the bars, you can use your lawyer to pass the instructions to an authorized person who will be able to retrieve the information from your encrypted file-hosted volume.

Hidden cloud

If you don’t have people you can trust your information with, you can create a hidden cloud storage no one will know about.

This storage should meet the following requirements:

  • It should be paid for a lengthy period of time, for a year and over.
  • You shouldn’t pay for this using your bank cards or e-wallets.
  • You should never keep the data for accessing your hidden cloud storage in written form, you should keep it only in your head.
  • Your storage shouldn’t have any other additional protection measures except for a strong password.
  • When working with your hidden cloud-based storage, always enable Incognito mode in your browser or VPN.

Let’s go through every requirement on our list. Your cloud storage should be paid for a lengthy period of time, and even if you fail to extend your monthly subscription, your data are unlikely to become deleted. Most users are fine keeping themselves on a year-long subscription, and many services usually have a similar offer.

You will be better off if you avoid paying for your hidden cloud with a bank card as this will reveal you actually purchased cloud-based storage. Create a one-time-use virtual card (this kind of service is offered by the majority of banks for secure payment over the Internet) or use your friend’s or relative’s card.

The login and password to your hidden cloud storage should be kept only in your head and nowhere else. You shouldn’t even use a password manager. To keep your password fresh in your memory, upload new data to your storage periodically. Don’t use two-factor authentication, only a strong password as you can also lose access to SMS or code table. It goes without saying that you should always keep all your data in encrypted file-hosted volumes.

Make an effort not to leave any traces of using cloud storage on your computer. Always encrypt your connection using VPN to keep your connections and sending a large amount of data to some cloud storage – from being exposed at ISP’s level. In your browser use Incognito mode that means your browser doesn’t save cookies.

For maximum protection of your data, use both methods simultaneously. I hope the information above has been helpful to you.

Previous
8413
Next