Re: [tw] how secure is encrypted TW5 and DropBox?
Hello Sorry to hear about your health. ..I have also been thinking recently about the same basic issue. Plus visited a dear friend in December with advancing terminal cancer. She has been busy putting all her affairs in order. Simplifying etc. Had just completed 99% that when I visited. Said she felt much more relaxed and prepared for herself and for her family. *MAKE A BOOK* She highly recommended creating an old fashioned paper dossier ~ book with the essential/crucial information and instructions. A single binder [transparent pockets] and drop in printed pages {and/or handwritten}. Something simple direct, portable and always-ON. throw in photos / copies of comments / things etc even can be very helpful. Where are the keys, which keys etc. How to turn on/off such-and-such Very accessible to family in times of loss grief and unexpected paperwork to deal with. One never knows in whose office, or at what teller's counter one will need to pull out some key information or proof-of... especially these days. Plus need to perhaps add notes on the fly. My friend has minimal computer skills, and is teacher/writer/historian so she relates deeply to tangible documents, books. Think: passports, certificates, account statements, utility bills etc. And sometimes just a simple color photo or scan-copy is worth so much. However, she is right that single portable dossier is a great gift to the living left behind. *Higher TECH 2014 >> TW5 WAY* Having said all that, I think at the very minimum you should copy whatever data/code/documents to a USB key, and literally put that on special KEY-CHAIN for your wife. So FIRST show and test together an offline, local encrypted file which contains logins and passwords. I'd suggest you start with a single TEXT file for logins only. Then/meanwhile build up a TW document for all the other information. As you proceed, you might find that you want to keep all logins/passwords separate, or may opt to include some or all in your TW-based solution. test and test again. {this is the argument for PAPER-BOOK} Yes, TW could be a great modern extension of ye olde dossier... I already keep PDFs of various documents on my server. Recently twice was able to quickly bring up the page on my phone and at my bank. pinch zoom and so much trouble+time saved. STEGANO This week have been looking again at steganography and password encryption options. I trust less and less ANY commercial/mainstream service, and feel that even some little effort to roll-ones-own, using appropriate tech is maybe best. So for example, I am very interested in TW5 and Node so I looked at Node.js graphics libraries for testing stenographic methods. Plus various simple OpenSSL encryption tools and techniques. By regular SSH Terminal shell on PC or ipad, Powershell on Win7, plugin for SublimeText2 .. And soon I'll dig in to TW5 and its encryption features and workflow There is for example the old classic *ImageMagick* library. http://www.imagemagick.org/ It has an very interesting and fun *stegano* {as in steganography} function. Many uses.. These days the fork called *GraphicsMagick *is recommended. Used by Flickr et alia. And now a Node.js interface *http://aheckmann.github.com/gm/* I am not there yet, but Like the scope of using images. With the right key-tools in hand, it makes it easy to hide them in plain-sight. Plus have some fun, or even provide personal visual-mnemonic tips to gain full access to ones protected target. Your need is likely more urgent to get information in order NOW. Please continue to post any progress or problems you encounter with your use of TW or other tools. I think potentially all this is a great use-case for TW, and hopefully with some real-use help many people manage personal media sanely a in a semi-public context. Good Luck and I hope your health improves in 2014 ~jason -- You received this message because you are subscribed to the Google Groups "TiddlyWiki" group. To unsubscribe from this group and stop receiving emails from it, send an email to tiddlywiki+unsubscr...@googlegroups.com. To post to this group, send email to tiddlywiki@googlegroups.com. Visit this group at http://groups.google.com/group/tiddlywiki. For more options, visit https://groups.google.com/groups/opt_out.
Re: [tw] how secure is encrypted TW5 and DropBox?
Hi Bill I'm very sorry to hear of your heart attack. I think the idea of using an encrypted TiddlyWiki to pass on a cache of vital personal information is pretty good. There are a couple of TiddlyWiki files that I share with family members in the same way, using encrypted files in Dropbox. It's difficult to give an unequivocal answer as to how safe the arrangement might be. Right now TW5 is pretty new, and I don't think that the encryption features have yet been subjected to the kind of systematic external review that we might want. However, I'm pretty confident that the underlying crypto library that TW5 uses is solid; it's widely used, and has been subject to review: http://bitwiseshiftleft.github.io/sjcl/ So, I think a reasonable strategy for the moment might be to stick with KeePass for the most sensitive financial information, and use an encrypted TW for the rest. As Cangaroo Joe points out, you can give yourself an extra layer of protection by wrapping the TW file in an encrypted zip file. The way that I think about this stuff is to compare what I'm doing with email; we need to treat email as if it's pretty close to public domain, and so anything that you are prepared to put in an email I'd say would be not unreasonable to put an encrypted wiki in Dropbox. Anyhow, I hope you find a good solution, and do keep asking questions. Best wishes Jeremy On Wed, Jan 29, 2014 at 7:14 PM, Bill Dixon wrote: > After having a heart attack 2 weeks ago, I'm finally making detailed notes > for my wife, with stuff like life insurance policy info, 401k info, backing > account numbers, etc. My idea is that if I were to die, she could just > pull up the TW file and have all the information she needs to handle > whatever she needs to do to close my affairs and do things I normally do > (balance checkbook, etc). > > My idea is to put the TW file on DropBox, and put a shortcut to it on my > wife's laptop. That way, I can continually (over the years) update my > copy, and if anything ever happens to me she'll have all the information > she needs in one place. > > I have all the passwords to the various sites I mention in KeePass, and > it's secure enough that I trust putting it on DropBox (and I hope I'm not > mistaken here). But there's a lot of other sensitive information I'm > putting in tiddlers. I suppose I could put all stuff like that in KeePass > as comments, but I'd rather put everything except passwords themselves in > TW. > > Just how safe would it be to encrypt a TiddlyWiki file with a password, > and then put it on DropBox? > > If it isn't safe, then I'll just try to remember to copy the file to her > laptop whenever I make significant changes, but I'd rather not have to > worry about remembering to do that. (My memory is horrible.) > > Thanks, > Bill > > -- > You received this message because you are subscribed to the Google Groups > "TiddlyWiki" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to tiddlywiki+unsubscr...@googlegroups.com. > To post to this group, send email to tiddlywiki@googlegroups.com. > Visit this group at http://groups.google.com/group/tiddlywiki. > For more options, visit https://groups.google.com/groups/opt_out. > -- Jeremy Ruston mailto:jeremy.rus...@gmail.com -- You received this message because you are subscribed to the Google Groups "TiddlyWiki" group. To unsubscribe from this group and stop receiving emails from it, send an email to tiddlywiki+unsubscr...@googlegroups.com. To post to this group, send email to tiddlywiki@googlegroups.com. Visit this group at http://groups.google.com/group/tiddlywiki. For more options, visit https://groups.google.com/groups/opt_out.