<?xml version="1.0" encoding="UTF-8"?><rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/">
  <channel>
    <title>Failsafe</title>
    <link>https://failsafe.writeas.com/</link>
    <description>I just think privacy is neat.</description>
    <pubDate>Sat, 04 Jul 2026 22:29:24 +0000</pubDate>
    <item>
      <title>How to Encrypt EVERYTHING</title>
      <link>https://failsafe.writeas.com/how-to-encrypt-everything?pk_campaign=rss-feed</link>
      <description>&lt;![CDATA[Hello, friends! In the spirit of the EARN IT act seemingly gathering steam in the USA, I&#39;ve written a detailed guide on how to encypt, well... everything. Welcome to a lengthy blog post overstuffed with hot, sticky, sweet and sour cryptography. Bon appétit.!--more-- &#xA;&#xA;I will be attempting to update this post somewhat regularly, so check back from time to time! I&#39;ll be sure to make it known when I&#39;ve updated.&#xA;&#xA;As always, I welcome your input--if you agree, disagree, have additions, have questions--please speak up! Feel free to reach out to me on Social Media or by Email (details at bottom of post). Let&#39;s talk and learn from each other. I&#39;ll try my best to respond as much as I can, even if it takes me a little bit of time to do so. :)&#xA;&#xA;----&#xA;&#xA;UPDATED 11/01/2020 (See Changes)&#xA;----&#xA;&#xA;Contents&#xA;Encrypting Web Traffic&#xA;    VPN&#xA;    Tor&#xA;        VPN + Tor?&#xA;    DNS Requests&#xA;Encrypting Communications&#xA;    SMS/MMS and Voice Calls&#xA;    Email&#xA;    Private Messaging, VoIP, and/or Video Chat&#xA;Encrypting Synced Data&#xA;    All-in-One Solution&#xA;    Passwords&#xA;    2FA/MFA/OTP&#xA;    Contacts &amp; Calendar Sync&#xA;    Personal Notes / Journals&#xA;    Documents&#xA;    Cloud Storage&#xA;Encrypting Collaborative Projects &amp; File Sharing&#xA;    Communication for Teams&#xA;    Shared Documents&#xA;    File Sharing&#xA;Encrypting Your Files&#xA;    Encrypting System Drives&#xA;        Android&#xA;        iOS&#xA;        Linux&#xA;        Mac&#xA;        Windows 10&#xA;    Encrypting Flash Drives / External Drives&#xA;    Encrypted Folders / Partitions&#xA;Hiding Files and Secret Messages in Plain Sight with Steganography (Coming soon!)&#xA;Contact Me&#xA;&#xA;----&#xA;&#xA;a name=&#34;web&#34;Encrypting Web Traffic/a&#xA;&#xA;There are currently two excellent, reliable ways to encrypt your web traffic that are widely used: a VPN and TOR. Let&#39;s talk about both. I will also touch on DNS encryption at the end of the section.&#xA;&#xA;VPN&#xA;&#xA;VPN stands for Virtual Private Network, and a good, trustworthy VPN is an indespensible tool in the fight for privacy. A VPN will generally allow you access a collection of servers across multiple countries and continents. You may have seen people using VPNs to access Netflix or YouTube content from different regions, which is definitely a nice perk, but not why I&#39;m bringing them up. &#xA;&#xA;When you connect to a website, your IP address is logged. We could dive deeper into why this might be problematic, but if you&#39;re reading this, I&#39;m assuming you&#39;ve already got some semblance of an idea. In very short terms, that IP can be used to track you around the web, from site to site, mostly for marketing purposes (and potentially reasons more sinister). A VPN worth its salt will encrypt your request to connect to a site and any other data you may be uploading, then ferry it safely to a remote server before decrypting it and directing it where it&#39;s meant to go. The beauty of this is twofold: &#xA;&#xA;Your true IP address will not be revealed to the sites you visit, as it will only see the remote server&#39;s IP, from which hundreds or thousands of varying connections are made daily, effectively obscuring your identity and habits online.&#xA;Your ISP (Comcast, TWC, Century Link, AT&amp;T, Verizon, etc.) will only see your encrypted traffic headed to a single remote server, and not where it goes after. Essentially, they have no idea what you&#39;re doing on the web, either. &#xA;&#xA;This is not a foolproof method of achieving anonymity, however. Why? Because your VPN can see your true IP and exactly what you&#39;re doing with it. This is where things get tricky, and why it&#39;s so crucial to use a reputable VPN service. &#xA;&#xA;I can make a few recommendations on VPNs I&#39;ve found worthy of my own trust, but first I want to detail a couple of the important facors that I look for in a VPN:&#xA;&#xA;Loglessness. There&#39;s nothing from stopping a VPN service from claiming to be logless and collecting logs anyway, so there is absolutely an element of trust needed here. My personal view is that for any privacy strategy to work, you are going to have to need to be able to place trust in certain organizations and tools--it&#39;s inevitable. We just have to do our homework and practice with failsafes/redundancy when we can. &#xA;Jurisdiction. In general, I am skeptical of VPNs based in the USA or China, as their privacy laws are less than stellar. A VPN based somewhere like Switzerland, however, would be subject to their remarkably forward-thinking privacy laws. Depending on your own unique use-case, you may want to consider where your VPN provider is headquartered. In researching this, you may see terms like &#34;Five Eyes,&#34; &#34;Nine Eyes,&#34; or &#34;Fourteen Eyes&#34; come up. This is a detailed subject, so I recommend skimming this article to get a better idea of what this means for you. &#xA;Leak Protection. Ideally, the VPN service will have a mitigation in place for DNS Leaks.&#xA;Security. Arguably the most important aspect, the VPN provider needs to offer strong encryption protocols (ideally AES-128 or AES-256, avoid blowfish or anything below 128-bit encryption).&#xA;Monetization. VPN services are expensive operations to run, and as such, any VPN that is provided at no charge should draw immense skepticism. You must consider how they monetize their service to properly evaluate if it will be an asset to your privacy.&#xA;&#xA;Luckily, comparing all of these traits and more has been made extricably easy by That One Privacy Guy through the detailed VPN comparison chart on his site, aptly named That One Privacy Site. Use this resource, please.&#xA;&#xA;My Recommendations: I personally feel comfortable using and recommending Mullvad, Proton VPN, Nord VPN, or Mozilla VPN (which piggybacks on Mullvad&#39;s servers). &#xA;&#xA;  A Note on PIA: I was a Private Internet Access user for a long time, but many are unaware that they were recently purchased by Kape Technologies, a less-than-reputable PLC that, at one time, created adware and has since rebranded as a &#34;cybersecurity&#34; company. I am not aware of any major changes to their policies since the acquisition, so they may still be a fine service, but the purchase was a major red flag for me and I can no longer comfortably recommend the service. &#xA;&#xA;You can host your own VPN at no cost, but this is only recommended if you have the knowledge and means to do so properly, for your own security.&#xA;&#xA;Tor&#xA;&#xA;Tor differs from a VPN in a few key ways. Tor is The Onion Routing network, and it is a free global network of nodes that can only be accessed via the Tor Browser that runs on donations. When you connect, your web activity is encrypted and routed through a series of 3 random nodes BEFORE it makes a connection. While you can use the Tor browser to access &#34;Clearnet&#34; (or &#34;normal&#34;) websites, it also offers the ability to visit Onion sites. These are sites accessible only via the Tor network and provide an additional layer of protection.&#xA;&#xA;Both Tor and VPNs are exceptional tools for privacy, and while there&#39;s a bit of overlap, they both have unique strenths that will make them each better suited for different use-cases. Here is a more technical breakdown to help decide if a VPN or Tor is better for you.&#xA;&#xA;For more information on using Tor, see my recent post on How to Get The Most Out of Tor in 2020. &#xA;&#xA;VPN + Tor?&#xA;&#xA;So if VPNs are good, and Tor is also good, wouldn&#39;t they be better together? This is where things get a little messy, because it depends on who you ask. Many very knowledgable folks make the argument that using a VPN with Tor can compromise your anonymity. I personally subscribe to the idea that using Tor over a VPN (not the other way around) can significantly improve your anonymity, and here is my reasoning:&#xA;&#xA;Your ISP can see you&#39;re using Tor, so going VPN   Tor means that your ISP won&#39;t know you&#39;re using the Tor network.&#xA;As far as data transfer, your packets will go VPN server   Tor Node #1   Tor Node #2   Tor Node #3   Target Site, so whether or not you use a VPN, the site you&#39;re connecting to is only gonna see the IP of the Tor exit node, not the VPN server&#39;s IP.&#xA;The entry node will see your IP, but it sees your real IP, anyway. Using a VPN can hide your IP from the entry node, but this requres that you have a trustworthy VPN provider that is truly logless, and that you pay for the service by reasonably anonymous means.&#xA;&#xA;As far as I can tell, if done right, the only downside would be a terribly slow connection (VPNs and Tor will both take a hit on your connection speeds). Since there are some valid arguments for both sides of this old, rusty coin, I will not give you a definitive answer on whether it&#39;s right for you. Luckily, a community-managed wiki for The Tor Project has created an excellent post on this subject, so I highly recommend giving it a read.&#xA;&#xA;If you have any thoughts on this, please let me know. Let&#39;s discuss! I&#39;m here to learn, too.&#xA;&#xA;DNS Requests&#xA;&#xA;A Domain Name System (or DNS) server works much like an old school phone operator. When you type reddit.com into your browser, you are calling in to say, &#34;Hello, I would like to be connected to my old pal, Reddit.&#34; The operator will then find the phone number (or IP Address) of Reddit and help direct the connection. If you had no idea what a DNS server was, you are most likely using the DNS provided by your ISP. Many may also be using Google&#39;s DNS option, as it&#39;s quick and reliable. In both cases, your DNS requests (or the sites you are trying to visit) are unencrypted and logged by a third-party. Much like a VPN, it is possible to host your own private DNS server. This is a great option if you have the know-how and the resources to set it up properly, but it won&#39;t hardly be the most accessible option for many. &#xA;&#xA;For those that use a VPN, many VPN providers include their own secure DNS. This is great! This means you don&#39;t have to do anything special while the VPN is running. If your provider offers DNS leak protection, please note that it is not recommended that you try to use DNS over TLS or DNS over HTTPS, as it can invalidate the protection.&#xA;&#xA;If you are not using a VPN with an included DNS or are still in need of a quick and easy solution, there are lots of DNS choices out there, so I&#39;ve narrowed them down to a few that I have found to be reputable enough. You&#39;ll want to make sure that the provider you choose is equipped with DNSSEC and supports some kind of encrypted tunneling protocol, such as DoT (DNS over TLS) or even better, DNSCrypt (see below chart for more info). &#xA;&#xA;| Provider | Location | Logging | DNSSEC |&#xA;|:-------|:-------|:-------|:-------|&#xA;| Quad9  | USA  | Minimal  | Yes  |&#xA;| DNS.WATCH  | Germany  | None  | Yes  |&#xA;| Snopyta  | Finland  | None  | Yes  |&#xA;| Cloudflare\  | USA  | Minimal  | Yes  |&#xA;  \Please note:* Cloudflare claims that their logging is extremely minimal. Regardless, many users around the internet do not trust them as an organization. I have been unable to find enough evidence to make a truly informed recommendation regarding Cloudflare&#39;s reputability, but I am including them because, at this time, they at least appear to be committed to offering a private, secure alternative DNS. They are also the fastest DNS out there by a notable margin. I personally would opt for another choice--such as Quad9--in the interest of privacy, but I did want to include this one as a more private alternative to Google DNS for the performance freaks.&#xA;&#xA;You can find a much more comprehensive comparison chart with more options where I borrowed some of this information from, on PrivacyTools.io. As mentioned above, DNSCrypt is highly recommended. To use it, you need only download a client from their website and run it. In the client, you can typically select from numerous supported DNS options, but while they are all secure options, not all of them are necessarily the most private options. This is why it&#39;s important to look over the supported choices on sites like PrivacyTools and go in knowing what you&#39;re using. &#xA;&#xA;If you choose not to--or are unable to--use the DNSCrypt client on your chosen device, here is a quick and dirty guide to change your DNS server on any device courtesy of HowToGeek.&#xA;&#xA;----&#xA;&#xA;Encrypting Communicationsa name=&#34;comms&#34;/a&#xA;&#xA;For some, like journalists and whistleblowers, encrypted communications are vital to their work--and in some areas, their survival. For others, we simply don&#39;t want our private messages parsed for marketing data. Both cases are completely valid. I firmly believe that everyone has a use for legitimately private communication and that it should be easily obtainable. As of today, fortunately, it is for many of us. &#xA;&#xA;Here are some recommendations for a mix of paid services and FOSS (free and open source software) for communication that provide E2EE (end-to-end encryption). What this means is that all communications are fully encrypted on your device (&#34;clientside&#34;) and decrypted only upon arriving at the receiver&#39;s device. E2EE exists to promise the user a zero-knowledge service, meaning that even the company themselves cannot read your messages, nor could any government-based or malicious actors that compromise their servers. They can only be deciphered on your physical device.&#xA;&#xA;  \Please note that for all of the following, the other user must use the same tool in order to get the most protection from them.&#xA;&#xA;SMS/MMS and Voice Calls&#xA;&#xA;Signal (Android/iOS/Linux/Mac/Windows) [FOSS] - An SMS application by Open Whisper Systems that can handle both plain, unencrypted text messages with anyone AND E2EE text messages with other Signal users (for mobile users--on PC, it will only allow private messaging between other Signal users). It is endorsed by Edward Snowden himself and widely used in both private and public sector by cybersecurity professionals and government officials alike. There are alternatives and forks out there, but they are not cross-compatible with Signal. Some prefer alternatives, as Signal does require a phone number on sign up, but since Signal dominates this particular niche, you&#39;re going to find way more people are already using this one, so it&#39;s easily my preferred recommendation. Signal is also capable of E2EE voice and video calls. I&#39;m often surprised at how many of my friends and contacts are already using Signal once we swap numbers.&#xA;MySudo (Android/iOS) [PAID] - MySudo is a closed-source service by Anonyome Labs that allows users to create multiple &#34;Sudos&#34; or alternate identities, each with their own phone number and email address. All texts, calls, and emails between other MySudo users are free and E2EE, but you need to pay for a subscription service to take advantage of the full suite of tools. Theoretically, one could have a Sudo for personal matters, a Sudo for work, and a Sudo for finance. Let&#39;s say they leave a job or their work phone number becomes otherwise compromised--they could simply kill that number and get a new Sudo. Some users will even go so far as to never give out their actual cell number, and instead rely only on Sudo numbers. This can be a very practical way to compartmentalize your life and conceal one of your most sought-after digital assets. In my experience with it, the numbers are often rejected by businesses and online retailers that demand a phone number, but it&