Encryption

Email Privacy Gmail reads every email you send and receive. That’s not an exaggeration. Google scans your emails to: Build advertising profiles Train AI models on your conversations Track purchase history and receipts Identify your contacts and relationships Monitor your location through confirmation emails Google knows more about your life than your closest friends. They know when you’re job hunting (LinkedIn alerts), having health issues (doctor appointment confirmations), traveling (flight confirmations), and buying things (every receipt). ...

Secure Messaging Your text messages are not private. SMS travels through your carrier unencrypted. They can read every message, store them indefinitely, and hand them to law enforcement without a warrant. WhatsApp claims “end-to-end encryption” but shares metadata with Facebook—who you talk to, when, how often, your location. iMessage is better, but only between Apple devices, and iCloud backups often store your messages unencrypted on Apple’s servers. Real privacy requires end-to-end encryption with open-source, audited software. ...

Encrypted Storage Your files are vulnerable. If your laptop is stolen, lost, or seized, anyone with physical access can read everything: your documents, photos, financial records, passwords database, browser history. Disk encryption is the solution. You enabled disk encryption when installing Linux Mint (Week 2). But encryption isn’t just for your system drive—it’s for USB drives, backup drives, cloud storage, and sensitive file containers. This week, you’ll learn to create encrypted containers with VeraCrypt, understand LUKS (your existing Linux encryption), and establish secure backup practices. ...

Goal Master symmetric encryption with AES: understand encryption modes (and why ECB is broken), use OpenSSL for file encryption, and learn how Key Derivation Functions transform weak passwords into strong keys. Prerequisites: Week 2a (Hash Functions) This is Part 2 of 3 - Covers symmetric encryption and key derivation. 1. Symmetric Encryption: Shared Secrets What Is Symmetric Encryption? Symmetric encryption uses the same key for both encryption and decryption. Alice Bob | | | "Meet at midnight" + Key123 | |---------> AES Encrypt --------------> | | f8a3b2c1d4e5f6 (ciphertext) | | | | <-------- AES Decrypt <-------------- | | f8a3b2c1d4e5f6 + Key123 | | "Meet at midnight" (plaintext) | Key challenge: How do Alice and Bob agree on “Key123” without anyone else learning it? (Solved in Week 3 with asymmetric crypto) ...

Goal Understand the public-key cryptography revolution and generate your first GPG keypair. This is the foundation for everything else in the course. Prerequisites: Week 2 (Cryptography Fundamentals) This is Part 1 of 4 - Covers history, concepts, and key generation. Introduction: The Public Key Revolution Week 2 taught you symmetric encryption - Alice and Bob share the same secret key. But how do they exchange that key securely? The problem: ...

Goal Master practical GPG operations: understanding your keyring, encrypting files for yourself and others, and creating digital signatures that prove authorship and integrity. Prerequisites: Week 3a (GPG Introduction & Key Generation) This is Part 2 of 4 - Covers keyring management, encryption operations, and signatures. 1. Understanding Your GPG Keyring List All Keys # List public keys gpg --list-keys # Output: pub rsa4096 2025-10-14 [SC] [expires: 2027-10-14] ABCD1234ABCD1234ABCD1234ABCD1234ABCD1234 uid [ultimate] Alice Cypherpunk <[email protected]> sub rsa4096 2025-10-14 [E] [expires: 2027-10-14] Key anatomy: ...

Goal Complete your GPG mastery with key lifecycle management (rotation, revocation, backup), practical email encryption, and understanding when to use modern alternatives like age for simpler use cases. Prerequisites: Week 3c (Key Distribution & Web of Trust) This is Part 4 of 4 - Covers key management, email encryption, and modern alternatives. 🌱 New to this? If managing keys from the command line feels like a lot, Privacy 101 introduces password managers (KeePassXC, Bitwarden) with a graphical, beginner-friendly approach first: Privacy 101 Week 4: Password Managers → ...

🎯 Goal Learn how to protect local data at rest using encrypted filesystems and containers. Explore tools like LUKS, cryptsetup, gocryptfs, and veracrypt, and practice encrypting backups using tar and rsync over SSH. 🌱 New to this? If the command line feels like a lot, Privacy 101 covers encrypted storage with a graphical, beginner-friendly walkthrough (VeraCrypt, Cryptomator) first: Privacy 101 Week 9: Encrypted Storage → 1. Why Encrypt Data at Rest? Prevent access if your device is lost, stolen, or seized Protect sensitive logs, identity files, password stores Essential for laptops, USB drives, and backups 2. Full-Disk and Partition Encryption with LUKS What Is LUKS? Standard for Linux disk encryption Uses cryptsetup to manage encrypted partitions Key benefits: strong encryption, passphrase support, keyslots WARNING The following examples will erase data. Only do this on test devices or virtual machines. ...

🎯 Goal Learn how to communicate securely using end-to-end encrypted messaging, GPG-encrypted email, and metadata minimization. Explore Signal, Matrix, OTR, and email tools. Understand operational privacy trade-offs. 🌱 New to this? If the command line feels like a lot, Privacy 101 walks through secure messaging with Signal in a graphical, beginner-friendly way first: Privacy 101 Week 6: Secure Messaging → 1. Secure Messaging Protocols Overview Protocol E2EE Decentralized Metadata Safe CLI Available Signal ✅ ❌ (centralized) ❌ (requires phone number) ✅ (via signal-cli) Matrix (Olm) ✅ ✅ ⚠️ (servers can log) ✅ (nheko, gomuks, etc) XMPP + OTR ✅ ✅ ✅ (self-hosted possible) ✅ (profanity, mcabber) Tox ✅ ✅ (P2P) ✅ ✅ (toxic) 2. Signal CLI Setup Install signal-cli For Debian-based distros: ...