ENCRYPTION PLAYS a big role in Jump Cut. One of the first things Ellie’s boyfriend Luke does for her is download a cell phone encryption program, which I’ve heard, anecdotally, is pretty good. Luke thought Ellie needed it because of a flash drive she’d found, and the very real possibility of ending up in the middle of murder and international espionage.

But do you and I need it?

What does cell phone encryption actually do? Should we get it? Or not bother? Which areas of our everyday lives and computers are already encrypted? Which aren’t? Should we make sure they are?

What is encryption?

Encryption software encodes computer data so it can’t be recovered without the right ‘key’. Encryption prevents unwanted third parties from recovering of the original data, or even any information about it. It’s particularly important for sensitive data like social security numbers. It is a fundamental part of modern computer communications, an everyday way to protect your data and privacy.

Today’s encryption algorithms play a vital role in assuring the security of IT systems and communications. Encryption provides confidentiality and security by verifying the origin of a message, proving a message hasn’t been messed with since being sent and preventing the sender from denying they sent it.

Modems, smartcards and SIM cards all use encryption to protect data while it’s in transit. Each time you use an ATM, call someone on your phone or buy something via your tablet, encryption protects the information being exchanged so mischief makers can’t access it.

To encrypt or not to encrypt?

Some say snooping doesn’t matter, since it’s done at an algorithmic level and the data is not personalized. On the other hand, recent research reveals how just a few pieces of anonymous data can easily be used to identify you as an individual.

As an article in New Scientist magazine says: (https://www.newscientist.com/article/dn26879-just-four-credit-card-clues-can-identify-anyone/)

“Drop the disguise: your metadata still gives you away. Four pieces of information is all that’s   needed to match individuals to their credit card records. The findings suggest that tougher measures must be put in place to protect users’ privacy, because real identities may be too tied in to the rich metadata, such as GPS coordinates, collected by modern devices.”

In fact, metadata plays a huge role in the plot of Jump Cut. The good guys are able to get the metadata of the correspondence between the Chinese and Charlotte Hollander, even though the actual emails are encrypted.

And the headline of a recent article on HughesNet (https://community.myhughesnet.com/hughesnet/topics/you-need-data-encryption-even-if-you-re-not-a-security-specialist) comes right out and says it: ‘You need data encryption – even if you’re not a security specialist’.

In their opinion, “Encryption tools are very useful in keeping valuable information hidden from hackers and you should use some sort of encryption every time you access personal information, no matter it is used in local operations or sent over the Internet.”

Forbes reported this story (http://www.forbes.com/sites/insertcoin/2015/11/14/why-the-paris-isis-terrorists-used-ps4-to-plan-attacks/) earlier this month, about how jihadists used Playstations to communicate. The story turned out to be unconfirmed, but it raises a question – what kind of privacy is built into games?

After Sony’s infamous 2011 Playstation security breach, the CEO of Sony Computer Entertainment America, Kazuo Hirai, wrote this in the PlayStation blog:

“We are taking a number of steps to prevent future breaches, including enhanced levels of data protection and encryption; enhanced ability to detect software intrusions, unauthorized access and unusual activity patterns; additional firewalls; establishment of a new data center in an undisclosed location with increased security; and the naming of a new Chief Information Security Officer.”

In late 2014 Fortune reported how Sony’s failure to take security seriously enough, despite the 2011 hack, probably led to the Sony Pictures Entertainment hack. It looks like games are just as full of security holes as anything else. It’s a digital thing.

Built-in encryption

Luckily, these days, encryption is the default setting. You already use encryption online. We all do. It’s one of the only ways to keep ourselves safe on the internet. Without encryption there’s no privacy, no matter what kind of communications you engage in. It keeps your personal privacy intact, prevents cybercrime, data theft, and hacking, vital for your financial health, safety and peace of mind.

Take PayPal. As they say on their site (https://www.paypal.com/uk/cgi-bin/webscr?cmd=xpt/Help/general/TopQuestion6-outside):

“PayPal automatically encrypts your confidential information in transit from your computer to ours using the Secure Sockets Layer protocol (SSL) with an encryption key length of 128-bits (the highest level commercially available). Before you even register or log in to the PayPal site, our server checks that you’re using an approved browser – one that uses SSL 3.0 or higher.

Once your information reaches the PayPal site, it resides on a server that is heavily guarded both physically and electronically. PayPal servers sit behind an electronic firewall and are not directly connected to the Internet, so your private information is available only to authorised computers.”

If you have a lock icon in your web browser, whether you realize it or not you’re using encryption to send and receive data from the websites you’re exploring. Microsoft’s BitLocker software, ready-installed on most Windows operating systems, encrypts sensitive information automatically, protecting your entire hard disk. This makes it virtually impossible for anyone stealing your hard drive to read your files. And there’s more. A surprising amount of your online activity is protected – to a degree – automatically.

What about Macs? According to a Computerworld journalist (http://www.computerworld.com/article/3008908/apple-mac/11-privacy-and-security-tips-for-os-x-mac-users.html), Mac FileVault: 

“Encrypts your drive using a secure encryption algorithm, which requires you to login before encryption is removed. Without this encryption, anyone who can get into your Mac can access your data.”

The same article has more tips to keep a Mac secure. It looks like Mac users face the same challenges and also have access to the same kind of security tools as everyone else.

How difficult is encryption software?

Can an ordinary person with limited computer knowledge install encryption programs themselves? Or do they need help? You’d probably find a government espionage-level encryption program a bit tricky. But ordinary user-level software is designed to be user-friendly. Find a popular tool with plenty of users and good reviews, and take the usual security precautions before downloading it.

Extra encryption – Tools to keep your data even safer

What if you don’t feel default encryption is enough? There’s plenty you can do to beef up your personal security and privacy online, with all sorts of tools to protect your data better:

• Use a password manager to protect your passwords and increase online safety
• Choose to only encrypt certain files with a tool like 7Zip, protecting particularly sensitive information
• Use a VPN – a Virtual Private Network – which creates an encrypted channel to keep your activities safe from interception. It lets you run online operations and transfer confidential information in complete privacy
• Encrypt your online activities, making sure every web page you visit is secure, using a simple browser extension like HTTPS Everywhere. Security experts say there’s still no guarantee your data is completely safe, but it’s better than nothing since secure sites meet strict encryption and authentication standards to protect user confidentiality
• Use an online proxy server to hide your IP address and therefore your online activities
• Go for broke and use TOR, The Onion Router, a browser that lets you access the internet anonymously using its own huge network of computers. Because information is routed through the networks’s multiple systems it is more or less impossible for hackers, snoopers and thieves to trace your activities back to you

Encryption isn’t perfect

There are plenty of ways to protect yourself in the digital world, keep your data private and your online activities to yourself. Some are built in to the systems we use every day, others can be bolted on. When you also keep your operating system up to date, use a reliable real-time scanning program and take care connecting to vulnerable public networks, you’re about as safe and secure as it gets.

Of course all encryption programs can eventually be hacked. The Russians, who used to be the the world’s hacking experts, are still up to their tricks, and some say the Chinese have caught up, particularly in regard to security systems used by corporations and the US government, which seem to be consistently penetrated. Our own government spies on us. And then there’s our own home-grown community of US-based hackers, spammers, and identity thieves.

Do you feel safe online?

How much encryption and extra data security do you use, and why? Maybe you don’t use any. If so, why not?