How-To: Keep Your Files Secure
PrintThese days, privacy is getting pretty hard to come by. Your boss checks your Facebook, your mom sees what you’re looking at on YouTube, and anyone who Googles your name can find out about that embarrassing incident at the IHOP.
That’s why we think you should at least be able to find some peace of mind on your own PC. With that in mind, we’ve prepared a quick guide for keeping files and folders on your computer hidden from prying eyes. We’ll cover four different ways to accomplish this, from the mundane to the nigh-unbreakable.
Method 1: Hide Folders
Alright, the first and easiest method for hiding files is the one that’s built into Windows. You’re almost certainly already familiar with it: The good old fashioned “Hide Folder” option. To hide a folder this way, all you do is right click on it, then click on the Hidden checkbox in the properties.
This will make the folder invisible to the file explorer, as long as the “”Do not show hidden files and folders” setting is selected in the folder options. If this option is not selected, the folder will still be visible, but slightly ghosted. Because it’s so easy to find folder hidden this way, it’s a technique that should only be used against someone who isn’t actually trying to snoop through your files.
Who this is going to fool: Your Mom, a small child
Method 2: Locked Archive
Method number two is definitely more secure, and not much more difficult to do than the first method. Here, we’ll hide sensitive files or folders by stashing them inside an encrypted (password locked) archive file. Almost any file archiver as the ability to encrypt a .ZIP archive, but the default encryption algorithm for many programs, called ZIPCrypto, is not terribly secure and can be cracked using programs available on the internet. Instead, make sure you use a program that can use very secure AES 256 bit encryption. Example of these include 7-Zip, PeaZip, and WinZIP. Windows’ built-in ZIP app does NOT do AES 256 b it encryption.
There are two issues to consider with locked archives. First, the encryption is only as strong as the password you choose, so pick a password that’s at least 10 characters long and has a mix of letters (upper and lower case), numbers and symbols. Even if it’s fairly long, a password that is a word is susceptible to a quick dictionary attack. Second, although the archive hides the contained files from peeping Toms, the archive itself is plainly visible. You can try to disguise the file as something else, but a big, encrypted archive is always suspicious.
Who this is going to fool: Probably nobody, but they’re going to have to waterboard you if they want to know what’s inside
Method 3: Steganography
Alright, enough of the boring methods, let’s get down to the James Bond stuff. Steganography is like cryptography, in that its goal is to hide a message from 3rd parties, but it goes a step further, demanding that the 3rd party not be able to tell that the hidden data even exists. Commonly, this is done by disguising one sort of file as another sort of file, or hiding it in a big pile of random data.
How can you get started with steganography? If you just want to impress your (easily impressed) friends, you can use one of a couple of web apps. Mozaiq is a site which allows you to hide a secret message inside a .png or .jpeg. It’s very limited (128kb image, 1024 characters max for your secret message) but it couldn’t be any easier: Just upload your image (or choose one of their stock photos), enter your message and an optional password, then click Hide Your Message! You can give the picture and password to anyone you want, and they can read the hidden message by going to the mozaiq decryption page.
If you want to hide one whole file, and not just a secret message inside another file, the maxant Steganography app has you covered. This is good for hiding single files, but if you’re looking to conceal a whole bunch of data, you’re going to need a more heavy duty solution. For that, read on.
Who this is going to fool: Anyone but a data forensics expert
More like this
ubuntucuber
June 18, 2009 at 7:22am
an easier way to that and offline (plus if you are on the road and don't have a cell card in your laptop, minus if not done in windows because the command is in windows (possibly linux, untried and will post a comment if it works.)
Step 0: install <a href="http://www.7-zip.com">7-zip</a>.
Step 1: encrypt files in passworded zip file.
Step 2: have the zip file you made in the last step and a picture to mask the data in the same folder.
Step 3: in the command prompt(cmd.exe)
Step 3 a: cd (folder from step 2)
Step 3 b: COPY /B [your zip file] + [your image] [new image file name]
does not have to be an image, could be anything.
~UbuntuCuber
drewdaddy
July 21, 2009 at 12:12pm
Thanks for the info how to embed the two files, but how would you seperate teh two to access the hiden file?
pizzaguy
May 12, 2009 at 6:17pm
I personally like to make a folder and fill it up with a bunch of truecrypt volumes. One has the sensitive information, the rest are just videos of never gonna give you up
score master
May 05, 2009 at 7:34pm
you could just use 7zip or winrar to make an archive, put a password on it, then hide it inside a photo.
if you make both then go into the command prompt, then enter the location of both into the prompt:
copy /b image.jpg+archive.7z newimage.jpg
so if i were puting an archive called bill.7z into a picture titled office.jpg and i wanted it to have work.jpg as the name, it would be:
copy /b office.jpg+bill.7z work.jpg
i should also add that it depends on where you have them saved also, because you have to have the cmd promp in the same dirrectory if not the eases thing to do is move them there
you can also do it in mac osx or linix witht he text
cat image.jpg archive.z7 > newimage.jpg
visibly_stealthy
May 05, 2009 at 7:12pm
Uhm yeah, I have gone swimming with SD cards and they still worked! My girlfriend even accidentally washed my playstation memory card like three times. And, both still work to this day!
In the hands of a master, any object can become a field improvised, lethal weapon.
Justin.Kerr
May 05, 2009 at 4:48pm
I'm a big fan of Axe Crypt.
Open source, free, and allows you to send excrypted .exe files as easily as creating a .zip archive by right clicking selected files. It uses AES and is a perfect, lightweight solution.
http://www.axantum.com/AxCrypt/
Digital-Storm
May 05, 2009 at 4:34pm
could you go as far as encrypting a .rar file within a image, and then encrypting the image within the truecrpyt drive, and then putting the truecrypt drive within an image file?
Techie714
May 05, 2009 at 12:33pm
True Crypt!
http://www.truecrypt.org/
Specs:
CPU: E6600 (3.2Ghz)
Ram: 4 GB DDR 2 (800) Corsair XMS Extreme
Mobo: Asus P5N-E
Video: BFG 8800GT OC (512 RAM)
Sound: X-FI Extreme Gamer Fatality Pro Series
HokieTechie
May 05, 2009 at 11:47am
It's also worth pointing out that industrial strength filesystem encryption is built right into Linux 2.6 kernels. If you don't set up your crypttab for automatic "ask for the key and then mount," then the only way someone is going to locate the data is to hunt around the hard disk and find the LUKS partition or the LUKS image file.
You can encrypt your entire root filesystem and encrypt your swap space, which pretty much handles the problem of leaving unencrypted traces of your data.
BTW - does anyone out there trust Bitlocker?
ka0s5150
May 05, 2009 at 8:18am
How about you put your sensative info on a key disk and put it in your pocket?! lol.
nmanguy
May 05, 2009 at 12:09pm
But will you have 24/7 eyes and ears on that drive? Will you go swimming with it?
Connect with MaximumPC
Featured Content
We introduce Intel's latest class of tablet killers and review 4 of the first Ultra...
Where have all the memorable videogame enemies gone?
This month's issue
Feature
11 Hardware Hacks
Feature
Overclock Your CPU
How-To
Supercharge Your Smartphone
Build It
A Powerful $830 Rig
Most Commented Articles
Latest Max PC Tweets
- maximumpc: Windows 8 Consumer Preview Coming On February 29 http://t.co/3Nd04FdR33 min 41 sec ago
- maximumpc: Can RIM *ever* catch a break? Not today! App World numbers not as great as previously reported http://t.co/3ERRhr3120 hours 20 min ago
- maximumpc: Solid state shakeup: Intel 520 SSD vs OCZ Octane vs Patriot Pyro SE! http://t.co/lXDufI7w21 hours 37 min ago
