You can store it on a USB stick or your mobile or your personal computer or your company servers or out there in the cloud. Where is it safe? That’s not a simple question, but here’s my answer: Your own personal computer, if you take a few basic precautions, can be a pretty safe place to store things that matter, including secrets that matter.
Let’s assume · Concerning the Personal Computer I’m talking about:
You bought it yourself, from its maker.
You haven’t let anybody, in particular your employer’s IT group, install anything on it. The chances of an employer installing spyware, whether through policy or incompetence, are high.
Most personal computers come with pretty good firewalls. You’ve found that and turned it on.
Most personal computers come with pretty good full-disk encryption. You’ve found that and turned it on.
You don’t use Internet Explorer at all, and you use Chrome by preference. But you don’t let Chrome remember any passwords that really matter.
You control access. Which is to say, you have a high-quality password you don’t use anywhere else, and you’ve set it up so that if you ignore the computer for more than a couple of minutes, it goes dark; and to light it up again, you have to provide the password.
You practice email hygiene. Which is to say, you think before you click on attachments.
You practice Web hygiene. Which is to say, you stay away from shady parts of the Net and you don’t install browser extensions or plug-ins without thinking about them seriously.
What this buys you · In terms of Privacy Levels, this gets you something along the lines Strong Privacy (minus the messaging-specific bits). Which is to say, you can reasonably expect that nobody can examine the contents of your computer without your co-operation. This includes both a law-enforcement official with a properly-obtained search warrant and a criminal who’s stolen your computer.
Caveats · There is no absolute safety this side of the grave. In particular:
If a government employee does show up with a search warrant, the penalties for refusing to let them rifle through the contents of your computer can be severe. Which, assuming you’re fortunate enough to be within the jurisdiction of a sane, democratic government, is perfectly appropriate.
And of course if your government is oppressive, they won’t bother with the search warrant, they’ll just beat the password out of you.
If the government is convinced you are a dangerous person whose secrets they really need to know, this probably doesn’t work. They will install spy cameras to watch you type in passwords, use their reserve of zero-day exploits to compromise your computer after tricking you into visiting a legit-looking-but-compromised website, or intercept the computer on the way from the manufacturer to pre-install spyware.
For this sort of high-target-value person, certain special privacy techniques are available, but I have no expertise to offer in their use. Furthermore, I don’t care; I just want ordinary people leading ordinary lives to have a refuge for their data that is plausibly safe. In particular, a refuge that can’t be cracked by over-enthusiastic government employees cheaply and at scale. If you do care, you might want to start with Cory Doctorow’s You Are Not a Digital Native: Privacy in the Age of the Internet.
You might get unlucky. You might type some secrets into the wrong Web site within a day after its doors are opened by a major zero-day Rails or Node exploit. You might accidentally type your password into an unsecured Web form when someone’s WiFi snooping. A person sitting behind you in a café might have an inquiring mind and a good camera.
What’s good enough? · Your answer, like anyone’s, is going to be highly situational; depending not just on who you are and what you do, but where you live and work and worship and hang out.
But if everyone kept the data that mattered on a well-managed personal computer, a lot of the egregious abuses by the data snoopers around the world would become non-cost-effective.
And what’s more important, if you can count (to some degree) on your own computer being private, you can probably use it to help you send messages back and forth across the Internet while still enjoying Strong Privacy. More on that later.
Contributions
Comment feed for ongoing:
From: John Cowan (Jun 02 2014, at 19:13)
I think we have to assume that both major closed-source operating systems have been compromised by the manufacturers. Installing Debian escapes that risk.
[link]
From: An Australian (Jun 02 2014, at 21:11)
Fascinated that you recommended Chrome over Firefox - I wouldn've thought the privacy implications strongly favoured Firefox?
[link]
From: Dirkjan Ochtman (Jun 02 2014, at 22:31)
If you don't have a good backup solution, you just opened yourself up to a whole different can of worms.
[link]
From: Jonno (Jun 03 2014, at 04:01)
I see Dirkjan has already alluded to the comment I was going to make, which is you need to qualify 'safe' with 'from what?'
Data on own machine may be less likely to be accessible to adversaries than data in the cloud, but it's also more likely to be inaccessible to yourself.
[link]