Those of us who live in a democracy had grown accustomed to not having our physical or electronic mail read without cause and warrant. It was something that distinguished a democracy from a dictatorship.

Because both ne'er-do-wells and the average Joe have access to encryption, only the sloppy get swept up in mass interception. Encryption scrambles data by algorithm, a sequence of steps, that makes information irretrievable without a special key that unlocks the gibberish.

I'm not a political activist, and thus I've always been more concerned about civil sniffing: companies and people who harvest data to violate privacy or commit identity theft. Corporations also worry about industrial espionage, in which secrets are used by competitors or blackmailers.

For all these reasons, a working knowledge of encrypting files has become an important part of one's digital repertoire.

For file encryption to work, each recipient must have the same or compatible software. While a small set of common encryption algorithms tend to be used among most software, these algorithms need to be packaged up to be accessible to most of us.

Encryption works on middles and ends. Consider a tin-can telephone network. You and a buddy punch holes in the bottom of tin cans, knot a string on either end on the inside of each can and, pulling it taut, you can have a secure connection between each other.

But what happens when a kid sister ties another string to the tin-can network and faintly gets news of a diary-reading raid. Running barbed-wire around the string or painting it with skunk juice could keep Sis away; this is protecting the transmission.

You can also protect the ends. If Becky and Charlotte set up a tin-can network and create a code list beforehand — "Rocky" means "Fred from third-grade" — then little brother's effective spying is for naught whether he hears both ends or taps into the middle. (So is Big Brother's.)

Mac users have a few strong options for ends and middles. I'll look at Apple's built-in Mac OS X options, PGP Desktop Home 9 and a new offering cleverly called Civil Netizen. I'll talk more specifically about protecting e-mail and its transmission in a future column.

Apple. Apple includes encryption in Disk Utility (Applications: Utilities), in which you can create a scrambled virtual disk image. Disk images are commonly used for software distribution, but can contain any files. They look just like a hardware disk when mounted on the Desktop. (These instructions cover Tiger, but are similar in earlier Mac OS X releases.)

Launch Disk Utility and click New Image from the menu along the time. Select a maximum disk size, and choose AES-128 from the Encryption menu. AES is used by the U.S. government — although at stronger levels. Even at 128 bits, it's considered very strong. Choose a location to store the disk image file.

Click Create, and Disk Utility will prompt you to select a password, which you must enter twice. (Click the key icon next to the Password field, and Mac OS X offers suggestions on picking a strong password, too.) Click OK, and the disk image is created and mounted. It can be unmounted by dragging it to the trash.

You can e-mail or otherwise transfer the unmounted disk image file to other individuals. However, you need to tell recipients' the password, and sending it via e-mail would defeat the purpose of making sure Sis isn't listening in. Your best bet is to use secure instant messaging (available in the latest iChat AV 3 for Mac.com subscribers) or a phone call or Internet telephone call.

PGP. PGP Desktop Home 9 ($99, www.pgp.com) is a full-featured security suite with two items in particular that help with secure file transfer. First, PGP can create a virtual disk much like Apple's Disk Utility, but with stronger encryption (AES-256) and a few additional options for the type of virtual disk created.

Second, you can encrypt a single file which can then be sent as an attachment. Both encryption methods can use either a standard encryption key, which both parties have to know, or public key cryptography, in which a public key revealed by the recipient is used to encrypt a message or file without decreasing that encrypted file's security.

Civil Netizen. This new, free addition to the arsenal combines some of the best aspects of peer-to-peer networking and strong encryption (www.civilnetizen.com). Mac and Windows versions are out with a Linux version to come.

The program lets you create a collection of one or more files and folders — what they call parcels — on your computer. Civil Netizen then uses a central registry to manage packing slips, which serve as download instructions for another computer to retrieve the parcel from your machine. The registry tracks the state of receipt.

You could think of Civil Netizen like eBay: The program and service doesn't handle the packages, but facilitates two parties in exchanging goods by providing a conduit.

The software, still in beta, needs to improve a couple of areas of encryption in which a sniffer could insert themselves actively into a file transfer. The company said they will remove this weakness, and I expect they will.

Paranoia is a condition for those who only imagine that there are forces arrayed against them. Encrypting files can be an effective cure against reality.

Glenn Fleishman and Jeff Carlson write the Practical Mac column for Personal Technology and about technology in general for The Seattle Times and other publications. Send questions to carlsoncolumn@mac.com.

More Practical Mac columns at www.seattletimes.com/columnists.

E-mail article Print view

More Practical Mac headlines...