What Files?

User avatar
hlewton
PlatinumLounger
Posts: 4026
Joined: 24 Oct 2010, 23:39
Location: Canton, Ohio USA

Re: What Files?

Post by hlewton »

BobH wrote:
29 Sep 2024, 21:38
As I understand it, I will create that D: partition, using Windows Disk Management for example, then using VeraCrypt, turn that Windows partition D: into an encrypted partition which all my software can then address, read, and write to but which VeraCrypt (or something?) will intercept and encrypt before the binary bits are written.
I am curious as to why you want encrypted data. For instance if I don't want anyone else to be able to access any of the data files I create, I put a password on them. If for some reason I forget that password, that file is lost to me and anyone else that may have access to my computer. I may be making a wrong assumption here, but from what I have read in the past about password protected files or even ranges within an Excel file, they are very safe from being view by anyone without the password. Since you want an encrypted drive, you must not want any of your data files viewable by anyone else. I'm just curious is all.
Regards,
hlewton

User avatar
hlewton
PlatinumLounger
Posts: 4026
Joined: 24 Oct 2010, 23:39
Location: Canton, Ohio USA

Re: What Files?

Post by hlewton »

ChrisGreaves wrote:
29 Sep 2024, 19:21
Just wanted you to know I tried twice to reply to your PM and it does not show that it went. Not sure what happened.
Regards,
hlewton

User avatar
BobH
UraniumLounger
Posts: 9628
Joined: 13 Feb 2010, 01:27
Location: Deep in the Heart of Texas

Re: What Files?

Post by BobH »

hlewton wrote:
29 Sep 2024, 23:34
BobH wrote:
29 Sep 2024, 21:38
As I understand it, I will create that D: partition, using Windows Disk Management for example, then using VeraCrypt, turn that Windows partition D: into an encrypted partition which all my software can then address, read, and write to but which VeraCrypt (or something?) will intercept and encrypt before the binary bits are written.
I am curious as to why you want encrypted data. For instance if I don't want anyone else to be able to access any of the data files I create, I put a password on them. If for some reason I forget that password, that file is lost to me and anyone else that may have access to my computer. I may be making a wrong assumption here, but from what I have read in the past about password protected files or even ranges within an Excel file, they are very safe from being view by anyone without the password. Since you want an encrypted drive, you must not want any of your data files viewable by anyone else. I'm just curious is all.
I value privacy . . . highly. Plus, I have data on my system for 'clients' that I don't want to be compromised.

While Stuart is our resident security expert, it is my understanding that passwords can be broken. For that reason, I use long, complex passwords and store them in a secure password 'wallet' so that, having opened the wallet (which is itself password protected) I can copy and paste those long complex passwords and do not have to remember them. I use Roboform for that password wallet. It encrypts the contents of its files and stores them both locally and in the cloud. Because they are in the cloud, they are accessable to any platform that can run Roboform. That way I can use passwords across various PCs, iPads, iPhones, etc. (None of which answers your question but says something, perhaps, about my paranoia.) Part of my back-up discipline is to make local copies (3 generations); I will probably also back up to the cloud once I have my encrypting methods perfected and working to my satisfaction. I would never put anything in cloud storage that I have not already encrypted myself, with the exception of trusting Roboform to encrypt my passwords. That will change when I have my own encryption set up.

By using both passwords and encryption, I have built-in layers of privacy protection which has the effect of multiplying the difficulty for those seeking to break into my files. There are techniques that I've read about that will iteratively encrypt already encrypted data making access more difficult for anyone not authorized.

Maybe Stuart will weigh in here and confirm or dispel my assertions.
Bob's yer Uncle
(1/2)(1+√5)
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs

User avatar
StuartR
Administrator
Posts: 12856
Joined: 16 Jan 2010, 15:49
Location: London, Europe

Re: What Files?

Post by StuartR »

That's a reasonable set of assumptions. I also store client data and it is much less effort to encrypt a partition than to encrypt every file separately. And it makes sure that every client file is always encrypted, even when I create it in a hurry without thinking. Especially on my laptop which someone might get physical access to. I do ALSO encrypt individual files that are particularly sensitive, AND I have one encrypted partition that I only mount while I am working for a specific client.
StuartR


User avatar
ChrisGreaves
PlutoniumLounger
Posts: 16411
Joined: 24 Jan 2010, 23:23
Location: brings.slot.perky

Re: What Files?

Post by ChrisGreaves »

hlewton wrote:
29 Sep 2024, 23:42
... it does not show that it went. Not sure what happened.
Check the "OutBox" in your Private Messages area of your user profile?
Cheers, Chris
Most of my hair had already fallen out by the time I learned that mousse is spelled with two esses

User avatar
ChrisGreaves
PlutoniumLounger
Posts: 16411
Joined: 24 Jan 2010, 23:23
Location: brings.slot.perky

Re: What Files?

Post by ChrisGreaves »

StuartR wrote:
30 Sep 2024, 06:24
... it is much less effort to encrypt a partition than to encrypt every file separately.
We need a smiley :Highly Agreed: Also another smiley for :Absolutely Spot On:

And another smiley for :If it's boring and repetitive, get a computer program to do it for you:
And it makes sure that every client file is always encrypted, even when I create it in a hurry without thinking. Especially on my laptop which someone might get physical access to.
Also :I couldn't agree more:
This case was particularly true when, in downtown Toronto, I picked up WiFi signals, and hence used the laptop, in libraries and coffee shops. Back than I changed "What Closing the lid does" to "ShutDown" or "Power Off" or the equivalent. That was enough to kill Veracrypt and hence the encrypted device as dis-mounted. AUTOMATICALLY.

Cheers, Chris
Most of my hair had already fallen out by the time I learned that mousse is spelled with two esses

User avatar
ChrisGreaves
PlutoniumLounger
Posts: 16411
Joined: 24 Jan 2010, 23:23
Location: brings.slot.perky

Re: What Files?

Post by ChrisGreaves »

Yes, I have a computer that has a single drive (SSD). That drive contains a single partition: C:. It contains the operating system and related files as well as all my data files (at least all those not stored externally on various devices, e.g., thumb drives, SD cards, external hard drives, etc.). At some future date, I will want to create 2 partitions - one for Windows, the other for my data - on that drive without corrupting either the OS or the data; however, that is for a future post.
I read into Bob’s original post that he wanted to have a single SSD drive from which his computer would boot, as it has been dong for eons, but which would have an area (a “partition”) for his(or his client’s) data which area was password-protected.
The length etc. of the password is a separate issue, and while it is of concern, it was not the primary concern here.
Knowing what I know of Bob (all of it good!), I figured that the best solution was for Bob to grow comfortable with (a) Partitions and (b) Encryption on a disposable medium such as a memory key/thumb drive. Once comfortable with those two concepts, he could use his skills to effect his changes on his computer’s SSD.
I feel that right now Bob is not comfortable with partitions/encryption if only because I have not heard that he has done a few exercises on a spare thumb drive. I could be wrong.
In starting this process, I had the primary goal of developing and using a routine backup plan. In pursuing that end, I decided that I should encrypt the backed up data for additional privacy and security. In going forward, I thought I should first learn about encryption and how to do it. (I might be mistaken, but I think that encrypting data also has the effect of compressing it, to some extent. It matters only because Compressed data will transfer faster as there are fewer bits to read and write.
Backups is the other love of my life, but backups are a separate issue from Partitions and Encryption, and they deserve their own thread. Encryption is commonly intertwined with Partitions, and so those two get lumped together in this thread.
… so I'm going to reformat the thumb drive and start over.
And already today is The Best Day Of My Life! :grin:
Question: The thumb drive is formatted as exFAT. Should I retain this or change it to NTFS? Does it matter?
I would use the DISKPART command and as recommended issue the CLEAN command and trust DISKPART.
No, this was my own personal sidetrack, or wild 'hare', . . .
Now where did I put my squirrel gun …
As an analogy, back in the '60s when I was a computer operator, I had to 'mount' reels of tape physically on a tape drive unit …
Agreed. Also those 8 MB disk cartridges.
In my day, the (human) operators also had to wear a white lab coat AND remove their ties; ties have a habit of getting caught in card-reader and line-printer machinery. You don't ever win an argument with a machine that can read 1,200 punched cards each minute.
As I understand it, I will create that D: partition, using Windows Disk Management for example, then using VeraCrypt, turn that Windows partition D: into an encrypted partition which all my software can then address, read, and write to
Bob’s analysis of drive-letter-confusion seems correct to me. When I create a partition to be submitted (to VeraCrypt) for encryption, I recommend
We usually use drive letters to refer to partitions, but when we are using an encryption program such as Veracrypt, we will tell the program to mount the partition and use a drive letter for the mounted drive; to that end we do not need to assign a drive letter to the data partition; it will receive a drive letter when VeraCrypt springs into action.
To that end we will remove the drive letter (in my case Q:) from the data partition.
I find this statement a bit arcane. By saying 'boot sequence' you infer that this takes place only when the system is 'booted'. Can you expound on this?
Bob, I am always happy to expand! :grin:
My boot-sequence, as in AutoExec.bat, is a baroque construction that ensures that after Power-On, I can put on my little Moko-Pot, unlock the garden shed, read the electricity meter, move the hoses, bring in the rain-water pails and so on, so that when I sit down at the computer everything is ready to go. This is 115 lines, 942 words NOT including the various slave batch files.
When I use the laptop I want access to my encrypted data partition. This means that someone has to tell Veracrypt (a) where the partition is (b) what drive letter to assign once the password is supplied and (c) what the password is.
I accomplish (a) and (b) from the DOS commands in my auto-exec.bat, but I still type in the password by hand on a keyboard.
This applies too to my encrypted backup drives; a batch file supplies (a) and (b), but I type in the passwords by hand.
I could include the Encryption/Veracrypt passwords in my batch files to reduce my manual labour, and depend on the password or PIN for the computer to protect me I suppose. But as you know, I like being in control :grin:

Cheers, Chris
Most of my hair had already fallen out by the time I learned that mousse is spelled with two esses

User avatar
hlewton
PlatinumLounger
Posts: 4026
Joined: 24 Oct 2010, 23:39
Location: Canton, Ohio USA

Re: What Files?

Post by hlewton »

ChrisGreaves wrote:
30 Sep 2024, 11:18
hlewton wrote:
29 Sep 2024, 23:42
... it does not show that it went. Not sure what happened.
Check the "OutBox" in your Private Messages area of your user profile?
Cheers, Chris
I did that twice last night and there was nothing in that or the Sent folder. I sent a PM to Hans just now about that and it went perfectly. I sent you an email.

Sorry for the distraction. Now back to the subject at hand. I am going to read the rest of the replies.
Regards,
hlewton

User avatar
hlewton
PlatinumLounger
Posts: 4026
Joined: 24 Oct 2010, 23:39
Location: Canton, Ohio USA

Re: What Files?

Post by hlewton »

BobH wrote:
30 Sep 2024, 03:14
hlewton wrote:
29 Sep 2024, 23:34
BobH wrote:
29 Sep 2024, 21:38
As I understand it, I will create that D: partition, using Windows Disk Management for example, then using VeraCrypt, turn that Windows partition D: into an encrypted partition which all my software can then address, read, and write to but which VeraCrypt (or something?) will intercept and encrypt before the binary bits are written.
I am curious as to why you want encrypted data. For instance if I don't want anyone else to be able to access any of the data files I create, I put a password on them. If for some reason I forget that password, that file is lost to me and anyone else that may have access to my computer. I may be making a wrong assumption here, but from what I have read in the past about password protected files or even ranges within an Excel file, they are very safe from being view by anyone without the password. Since you want an encrypted drive, you must not want any of your data files viewable by anyone else. I'm just curious is all.
I value privacy . . . highly. Plus, I have data on my system for 'clients' that I don't want to be compromised.

While Stuart is our resident security expert, it is my understanding that passwords can be broken. For that reason, I use long, complex passwords and store them in a secure password 'wallet' so that, having opened the wallet (which is itself password protected) I can copy and paste those long complex passwords and do not have to remember them. I use Roboform for that password wallet. It encrypts the contents of its files and stores them both locally and in the cloud. Because they are in the cloud, they are accessable to any platform that can run Roboform. That way I can use passwords across various PCs, iPads, iPhones, etc. (None of which answers your question but says something, perhaps, about my paranoia.) Part of my back-up discipline is to make local copies (3 generations); I will probably also back up to the cloud once I have my encrypting methods perfected and working to my satisfaction. I would never put anything in cloud storage that I have not already encrypted myself, with the exception of trusting Roboform to encrypt my passwords. That will change when I have my own encryption set up.

By using both passwords and encryption, I have built-in layers of privacy protection which has the effect of multiplying the difficulty for those seeking to break into my files. There are techniques that I've read about that will iteratively encrypt already encrypted data making access more difficult for anyone not authorized.

Maybe Stuart will weigh in here and confirm or dispel my assertions.
Thank you and you did answer my question. I don't have clients, but I am almost as paranoid as you admit to being. My paranoia is more along the lines of losing data files so I have backups or really copies of everything I create or use in 9 different storage medias. If I make a change to a file, and I do on a daily basis, it is copied to the other devices, some of which are computers and the others, external SSD drives.

Now I am going to take one of your lines from here and hope Sturat replies to it.
Regards,
hlewton

User avatar
hlewton
PlatinumLounger
Posts: 4026
Joined: 24 Oct 2010, 23:39
Location: Canton, Ohio USA

Re: What Files?

Post by hlewton »

BobH wrote:
30 Sep 2024, 03:14

While Stuart is our resident security expert, it is my understanding that passwords can be broken.
Stuart, is this correct? My understanding and what I read years ago said that if I ever forgot my password for my password protected Excel file, it would be lost and not retrievable. Maybe that means by someone like me but I took it to me it was very secure.
Regards,
hlewton

User avatar
StuartR
Administrator
Posts: 12856
Joined: 16 Jan 2010, 15:49
Location: London, Europe

Re: What Files?

Post by StuartR »

An encrypted Excel file using a modern version of Excel with a long complex password is fairly secure. If the password is just a couple of words with a digital or two then it's easy to crack
StuartR


User avatar
stuck
Panoramic Lounger
Posts: 8541
Joined: 25 Jan 2010, 09:09
Location: retirement

Re: What Files?

Post by stuck »

Whereas the password on older (.xls) Excel files were easy to crack, even if the password was a long one. It was just a matter of opening the file in a Hex Editor and editing the relevant bit.

:whisper: I have to confess to resorting to such a hack many years ago when I forgot the password I put on one of the Excel templates I'd created at work and on which our team and our business relied :blush:

Ken

User avatar
ChrisGreaves
PlutoniumLounger
Posts: 16411
Joined: 24 Jan 2010, 23:23
Location: brings.slot.perky

Re: What Files?

Post by ChrisGreaves »

hlewton wrote:
30 Sep 2024, 12:59
... Maybe that means by someone like me ...
Or like me.
There is a spectrum of security.
My house key protects my house contents, but only from people like you or me.
My bicycle combination lock, had I one, would not protect me from someone with a bolt-cutter.

When I moved to Bonavista almost six years ago, I lost my key-ring, the one with the only key to my fire-resistant metal safe(1). To my immediate delight, but long-term disappointment, I found that a regular flat-blade screwdriver (the one with the canary-yellow handle) would easily open the lock.
Easier, actually, because the screwdriver handle was more sure than a tiny plate-metal key.

I suppose that if I wrote VBA code to open every workbook on a Partition (or on a hard drive for that matter), and kept a record of the workbooks that would not open because they were password-protected, that would save me time examining all the workbooks. Only the password-protected workbooks would have significant value :innocent: :innocent:

(1)Passports, credit cards, birth certificate, backup drives ...
Cheers, Chris
Most of my hair had already fallen out by the time I learned that mousse is spelled with two esses

User avatar
hlewton
PlatinumLounger
Posts: 4026
Joined: 24 Oct 2010, 23:39
Location: Canton, Ohio USA

Re: What Files?

Post by hlewton »

stuck wrote:
30 Sep 2024, 17:17
Whereas the password on older (.xls) Excel files were easy to crack, even if the password was a long one. It was just a matter of opening the file in a Hex Editor and editing the relevant bit.

:whisper: I have to confess to resorting to such a hack many years ago when I forgot the password I put on one of the Excel templates I'd created at work and on which our team and our business relied :blush:

Ken
WOW, wish I had known that a couple years ago. I ended up deleting the file since I could not remember the password.
Regards,
hlewton