Encryption Part 2 GPG and 7zip

The second of the three part series explains how to encrypt your data. I will explain two methods which I use a lot. The first one is 7 zip which is a free program that works on Windows, Linux and OS X. The second one is GPG and is best used on a trusted computer that runs Linux.

7 zip

The easiest way to encrypt a file is simply to use 7 zip. One of the biggest advantages of 7 zip is that once you encrypt a file, you can open it on any computer. The only requirement is knowing the password. Passwords are a huge topic and I will dedicate the next part to just that.

If you run Windows then ether type “7 zip” into your search engine of choice or on this page: https://www.7-zip.org/

If you happen to be on Linux, then there is a good chance that 7 zip is already installed. Let’s look into how we can actually encrypt a file.

Encrypting a file with 7 zip

7 zip is very easy to use. Just right-click the file you want to encrypt and from the pop-up menu, select “compress“. Another small window will open and towards the bottom, you’ll see the option to enter a password. After you enter the same password twice, press enter and you will instantly create a duplicate of your file. The only difference is that that new file will have a .7z added to the name.
Hint! If you don’t see the compress option, then make sure that “.7z” is selected next to the file name. See image below (right upper image corner).

Example

Let’s say that you have a file called “ernst-renner-social-insurance-number.txt”

ernst renner social insurance number text sample file

After you press “Create”, you’ll end up with the encrypted file. Open the encrypted file once to confirm that you memorized the password correctly. If all goes as expected, delete the original. After all, encrypting content is useless if you keep the source file.

Always make a backup of your encrypted file(s)

There is only one step left to do once you have your encrypted file and deleted the original. Make a backup. You can do so in various ways. It’s OK to leave one copy of the encrypted file on your computer. I recommend that you save at least one additional copy on a removable memory stick or external hard drive.

Careful with making changes

Besides the ease of use, 7zip has another killer feature. You can always add to the encrypted document. Let’s say that I not only want to store my SIN# but also some gmail addresses and passwords. Adding more text couldn’t be easier. Just open the encrypted file for a moment and type the additional information. When done press SAVE and that’s it.

The next time you open the document, you will see the changes you made and text you added.
WARNING! Don’t forget to add the changes to the backup(s) as well. If you create many encrypted files then add a version number to the file name.
Example. filename-v02b.txt would be the second revision and the b tells me that I am dealing with the backup file. filename-v02o.txt would indicate “original”.

Reboot after encrypting

Unlike humans, computers have a perfect memory. There is a possibility that everything you typed is stored in a cache file which is buried deep inside your hard drive. To erase that cache file, simply reboot your computer and you are good to go. This way, someone else can not walk up to your computer and regenerate the unencrypted version while you are not looking.

Use longer passwords

Many people wonder if 7zip is secure. Yes, it is. Just use a long password that includes some random characters like $ * ! + and so on. I will teach you a cool method which I developed to help me remember super long passwords when we get to Encryption Part 3 – Passwords

GPG

7zip is the Ferrari of encryption. Easy, fast and always a good option that just works. But once in a while you need a tank and for those situations, I turn to GPG.

GPG should only be used on a Linux system because if your need for encryption is extremely important, then I would not and do not trust a closed-source operating system. I don’t mean to scare you but still, Windows installs a huge amount of code just to run. Linux is tiny by comparison and does so much. I simply wonder why it takes 40 – 60 Gig just for Windows 10 on my hard drive and a mere 8 Gig for the full Linux install. Linux comes with many powerful programs which Windows, by default, doesn’t have.

How to encrypt a file the GPG way

Today’s Linux desktops look graphically stunning, run fast and include a terminal which scares newcomers enough to never touch Linux in the first place. It’s too bad because the terminal is extremely powerful and the best way to encrypt a file.

Again, let’s say we have a file with the name “sensitiveInfo.pdf”.

In the terminal, we simply enter this short command:

gpg -c sensitiveInfo.pdf

Once typed in, press enter and you will be prompted to enter a password. Just like with 7 zip, the password must always be entered twice. This eliminates the chance of a typo. When finished, a new file will have been created with the name “sensitiveInfo.pdf.gpg”

Open that file once to make sure that the password is working and after that, delete the source file. The terminal command to open a gpg encrypted file is similar to the one we used before except for a minor change: gpg -d sensitiveInfo.pdf.gpg

If it works as expected, it’s time to shred the original. Did you notice that I didn’t say delete the original? The shred command is a way to securely remove the original or, for that matter, any file from your hard drive. Once it’s shredded, it’s gone.

Shred and delete

Deleting is a strange process. When we delete a file, it stays on the hard drive for a long time and therefore might be recoverable. To prevent that, it’s best to shred anything that we do not want to fall into the wrong hands.

The shred command is easy to use. Just type “shred -u filename.extension into your terminal and press enter. The -u option will delete the shredded document and save you one step. Even if you forget to delete a shredded file, it can never be recovered. Here is what a shredded file would look like if someone could access it.

encryption part 2 gpg and 7zip

As you can see, once shredded, the contents become garbled and thus unreadable for every and a day.

If you want to keep your login, account info, online banking info, email passwords and the like secure then use 7zip and encrypt it. If you are an inventor and have a multi million dollar idea, then GPG encrypt the blueprints and accompanying text files.
GPG is huge and i highly recommend that you read up on it because it can do a lot more then just encrypt your files and folders. Encrypted email can also be sent and only read by someone who has your public key.
IMPORTAMT! Unlike 7zip which lets you add content and quickly save the file, GPG does NOT do that. After you make changes to a GPG encrypted file you music encrypt it again … and again.
I hope this explains why I recommend 7zip for most needs.

Conclusion

Encrypting data is extremely important. If you forget your laptop on a bus or if someone grabs it then they can easily life-boot it and steal all of your information.

I use 7zip and or GPG for all my encryption needs. My passwords are long so that the possible combinations would take years to compute. Then again, google knows my email passwords and the Royal Bank knows my online banking info so big brother doesn’t need my encrypted files in the first place. But for everyone else, access if forbidden.

References

  • Shred
    Linux command to destroy any file
  • GPG
    Powerful Linux encryption
  • 7zip
    Powerful encryption for all platforms

I welcome your questions, suggestions and constructive criticism. Thank you for reading.

3 Comments

  1. nicer text. i was unsure what to use, 7z or gpg but you touched right in the point that i was looking for. i always used 7z for that but i kind learning more about encrypt and gpg so i decided to give it a shoot. well, about 7z i never open the file since i thought it was kind unsecure. because it will open a cache file to uncompress it. i preffer to extract it and then make the process again if i have more changes. i would like a world that people wont try to spy each orther, but yah! -_-

    • Hi,
      it depends on the value of the content. I use 7zip because it is fast and convenient. Since there is no such thing as security, it kind of doesn’t make sense to go overkill with PGP unless we are talking patent blueprints or similar. 🙂

  2. Hi Peter,
    You don’t need to install GPG because you most likely already have it.
    If yes, simply encrypt your file with the – gpg -c flag and enter a/the password twice.
    HOW you will get the pw to the recipient is another question.
    It is handy to have a public key which you could share with the recipient but I understand that you don’t want to go trough all of that hustle.
    7zip, encrypted and pw protected can also be sent. I’ve done it and there is little difference as 7zip defaults to AES 256.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.