Summary

  • The Marion County Record newsroom in Kansas was raided by police, who seized two cellphones, four computers, a backup hard drive, and reporting materials.

  • A computer seized was most likely unencrypted. Law enforcement officials hope that devices seized during a raid are unencrypted, as this makes them easier to examine.

  • Modern iPhones and Android phones are encrypted by default, but older devices may not be.

  • Desktop computers typically do not have encryption enabled by default, so it is important to turn this on manually.

  • Use strong random passwords and keep them in a password manager.

  • During the raid, police seized a single backup hard drive. It is important to have multiple backups of your data in case one is lost or stolen.

  • You can encrypt USB storage devices using BitLocker To Go on Windows, or Disk Utility on macOS.

  • All major desktop operating systems support Veracrypt, which can be used to encrypt entire drives.

Main Take-aways

  • Encrypt your devices, drives, and USBs.

  • Use strong random passwords and password manager.

  • Have multiple backups.

  • Barry Zuckerkorn@beehaw.org
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    It’s not meaningless.

    I know that it’s pretty easy to pick the lock on my front door. Or to break the window and get in. But still, there are a non-zero number of burglars who would be stopped by that lock. Same with my bike lock, which is a bit harder to pick but still possible. Nevertheless, the lock itself does deter and prevent some non-zero number of opportunistic thefts.

    There are a non-zero number of law enforcement agencies that would be stopped by full disk encryption, even if the device is powered on and the encrypted media is mounted. There are a non-zero number of law enforcement agencies that would be stopped by all sorts of security and encryption strategies. And I’d argue that simple best practices would stop quite a few more than you’re seeming to assume: encrypt any data at rest on any devices you control, and then use e2e encryption for any data stored elsewhere.

    You don’t even have to be that technically sophisticated. For Apple devices, turn on FileVault (as it is by default if you log into an Apple account when you set up the device), turn off iCloud. For Windows devices, use Bitlocker. For Android, turn on the “Encrypt Phone” setting, which is on by default. If you’re messing around with your own Linux devices, using LUKS isn’t significantly more difficult than the rest of system administration.