Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Preview
Start a free Courses trial
to watch this video
The movies can make it seem like cryptography is only used for international espionage. But the reality is that most of us use it nearly everyday. Without going into the (necessarily complex) details, this video will introduce encryption and related tools that help make using it as easy as sending a text (or an email!).
New Terms:
- Cryptography -- In this context, it is the use of advanced mathematics to provide guarantees of authenticity and privacy protections.
- Data in Transit -- A categorization of the data for communication and the threats and defenses related to the act of transmission.
- Data at Rest -- A categorization of data for storage and the threats and defenses related to long-term retention.
[SOUND] We've developed
a basic visual model for
0:00
Internet traffic to help
us make informed decisions.
0:04
We've also toured some of the more
common threats and effective defenses.
0:10
Now it's time to level up our own online
behaviors to stay safe and secure.
0:14
One of the more important tools that
we have available to us cryptography.
0:19
The movies can make it seem like
cryptography is only used for
0:23
international espionage.
0:26
But the reality is that most
of us use it nearly every day.
0:28
Without going into the details,
this video will introduce encryption and
0:32
related tools that help make using it
as easy as sending a text or an email.
0:35
Cryptography is a great tool because
it offers a form of defense for
0:41
many of the attacks or
threats we've already discussed.
0:44
And best of all,
you're likely already using it.
0:47
In our last video, we talked about HTTPS.
0:50
This secure version of HTTP,
the main communication of the Internet,
0:53
offers protections from eavesdropping and
from man-in-the-middle attacks.
0:58
Cryptography, at least for
1:02
our purposes, is the use of advanced
mathematics to serve this double purpose.
1:03
First, it provides guarantees
of authenticity by
1:09
ensuring the participating parties
are who they say they are.
1:12
This could be you and
another person, or your computer and
1:16
a website hosted in
another part of the world.
1:20
And second, it protects privacy by
encrypting the contents of a message
1:22
in such a way that only the proven
participants can decrypt and read it.
1:27
Often, this happens seamlessly,
such as in the browser for HTTPS traffic.
1:32
Another seamless integration
is Apple's iMessage,
1:37
the built-in text messaging
between iOS devices.
1:40
These messages are also protected
with strong cryptography without
1:43
complicated setup required from users.
1:47
Let's explore other ways to use
cryptography to get these benefits for
1:50
the rest of our digital information.
1:53
We can categorize the digital information
in our lives into data in transit and
1:56
data at rest.
2:00
This can help us tools the right tools for
the job.
2:02
Data in transit relates to the active,
communicating messages.
2:05
This could be sending an email or
a text message, but
2:08
this could also include
browsing a webpage.
2:11
The implied risk here is that
the active transmission in vulnerable.
2:13
So what are our options?
2:18
Fortunately, quite a few.
2:20
Data in transit.
2:22
Web Traffic- https.
2:24
Look for it in the address bar, and
that it shows the right domain.
2:26
Additional tools like HTTPS Everywhere
2:31
can help use only secure
sites wherever possible.
2:34
Email, several options exist and
more are in development.
2:37
Third party services provide encrypted
emails such as ProtonMail or RiseUp.
2:41
Other solutions like Enigmal allow you to
keep your existing e-mail address, and
2:46
can encrypt the content of your messages.
2:51
Text messages.
2:53
Two big players in the field at
the moment, Signal and WhatsApp.
2:54
They're based on similar technologies so
2:58
their discerning features are more about
design choices and supporting companies.
3:00
VPNs.
3:05
We spoke briefly about virtual
private networks already
3:06
as a way to protect your internet traffic.
3:09
But it's worth repeating here.
3:11
Countless VPN services are available, so
3:13
it will take some research to
find the best fit for you.
3:15
Data at rest relates to the act
of storing information.
3:19
This could be everything on your
hard drive, or an external drive, or
3:23
even how your email and
text messages get saved on devices.
3:26
The risk here is a bit more obvious.
3:30
If someone gained access to these devices,
what information could they capture?
3:33
There is no shortage of solutions for this
category either, so let's jump right in.
3:37
Data at rest, system encryption.
3:42
Often, there's a simple setting to
be switched on for a given device or
3:45
operating system, and
3:48
it's usually accompanied by
providing a strong passphrase.
3:50
For example, on Window's
machines it's called BitLocker.
3:53
And on Mac OS, it's FileVault.
3:56
It is highly recommended to enable this
when possible on all your devices,
3:58
whether a desktop, laptop,
cellphone or tablet.
4:03
Drive encryption, some built-in
tools allow individual files and
4:07
folders to be protected
with basic encryption.
4:10
Other third party tools
have seen greater adoption.
4:13
Windows, Encrypted File Service.
4:16
macOS, Disk Utility.
4:18
VeraCrypt is a free, open source utility
that improves upon another well-known,
4:21
but now abandoned, tool, TrueCrypt.
4:26
Third party tools.
4:29
Other tools offer different levels of
protection with varying degrees of
4:30
usability and cost.
4:34
GPG is a tried-and-true command-line
multi-tool that can cover just about any
4:35
need, if you can figure out how do
you construct the correct command.
4:40
Keybase is an interesting service
that offers various cryptographic
4:45
functionality, including encrypted
chat and shared file-system.
4:48
Now we've seen how beneficial
cryptography can be.
4:52
We've also explored ways that it
has already improved our lives.
4:56
And, finally, we've learned about some
additional tools to protect our data,
4:59
both in transit and at rest.
5:03
All this without needing to dig into
the messy details of the mathematics
5:05
You need to sign up for Treehouse in order to download course files.
Sign up