Encrypt to be safe

An explanation of what encryption is, understandable even by Aunt Clorinda1, is simple: encryption means protecting information by making it incomprehensible to those who are not authorized to read it. This is done by transforming the data into a format that only authorized people can decipher using a special key to be able to read it.

A simple example

Aunt Clorinda won’t get pissed if you read this more technical paragraph quickly but, it could be interesting. The source code is written in Python language and can be run with the educational software Thonny.

def cifra_balzibox(testo):
    risultato = ""
    for char in testo:
        if char.isalpha():  # Controlla se il carattere è una lettera
            shift_base = ord('a') if char.islower() else ord('A')
            # Calcola la lettera opposta
            risultato += chr(shift_base + (25 - (ord(char) - shift_base)))
        else:
            risultato += char  # Mantiene i caratteri non alfabetici invariati
    return risultato

def decifra_balzibox(testo):
    return cifra_balzibox(testo)  # La cifratura e la decifratura sono identiche nel cifrario di Atbash

# Esempio di utilizzo
testo = "Ciao, Zia Clorinda, sei la n.1!"

testo_cifrato = cifra_balzibox(testo)
print("Testo cifrato:", testo_cifrato)

testo_decifrato = decifra_balzibox(testo_cifrato)
print("Testo decifrato:", testo_decifrato)

>>> %Run decifra.py
Ciphertext: Xrzl, Arz Xolirmwz, hvr oz m.1!
Decrypted text: Ciao, Zia Clorinda, sei la n.1!
>>>

The example is a pane e puparuoli2 the encryption systems, on the other hand, are very sophisticated.

Secure website with https

How many times have we read that a site is secure because it uses the HTTPS protocol? In fact, it is the browser itself that shows us a shield-shaped icon that reassures us. Sites have quickly adapted to this need, also because Google would have downgraded those that did not use secure protocols.

HTTPS (HyperText Transfer Protocol Secure) is a variant of the HTTP protocol that uses the SSL (Secure Sockets Layer) layer to encrypt and authenticate data during transmission.

It is important to emphasize that having a secure connection based on the SSL protocol does not at all imply that a site is legitimate.

SSL/TLS certificates are primarily designed to encrypt communication between the browser and the server, ensuring the protection of data traffic, but do not offer any guarantee of the veracity of the site itself.

End-to-end encryption

Many instant messaging programs offer, by default or through specific settings, the ability to communicate with encryption enabled between users, thus ensuring greater security in conversations.

However, it is essential to remember that, although the conversation is encrypted, the service provider has access and can read your content!

…and notifications?

You can have the latest bulletproof program with super secure encryption but, you forgot that your phone’s operating system reads the notifications in clear text, you’re screwed!

Encrypt your HD of the computer

Don’t fool yourself into thinking that encrypting your hard drive is safe. Even if the data is encrypted, it must be readable when the operating system boots, which means that once the computer is turned on, the data is visible and anyone can access it. The situation gets worse if you forget your password, in which case you will never be able to recover your data. If you work for a company, they probably have a backdoor to access your hard drive, but if one sector of the disk gets damaged, the entire disk could become unreadable.

I invite you to reflect on how work performance and the worker’s ingenuity can be considered direct property of the employer. This becomes even more evident when the employer uses encryption and/or limits the use of external media (such as USB, SD, FTP) and monitors email traffic, unconditionally appropriating any content produced by the worker.

Data in the Cloud

Imagine how much data is uploaded to the cloud without proper encryption. How many companies expose their projects and information to the new Spy Cloud, putting their security and confidentiality at risk?

We must intervene forcefully and decisively in this uncontrolled spread of data.

  1. Aunt Clorinda is a fictional character created to demonstrate how easy it is to learn complex topics in a simplified way that is accessible to everyone. ↩︎

  2. A pane e puparuoli, Neapolitan expression a pane e peperoni means that it is made in a simple, economical and effective way. ↩︎