Scrambling data so only you can read it
Encryption
At rest vs in transit, end-to-end encryption, full-disk encryption, file encryption, and how to password-protect documents without shooting yourself in the foot.
Encryption at rest vs in transit: what the labels actually mean
The two phrases you see everywhere in cloud marketing, translated from vendor-speak into reality. Plus what each one protects you against, and what it does not.
Level: beginner
Full-disk encryption on every platform: what's on, what to turn on, and what it doesn't protect
BitLocker, FileVault, and LUKS in plain English. On modern consumer hardware, full-disk encryption is often already enabled — this article covers how to verify it, how to configure it properly, and what threats it genuinely protects against.
Level: beginner
End-to-end encryption, explained: what 'E2EE' actually means, and what it does not
E2EE is the gold standard for messaging and increasingly for document storage. It is also the most marketed and the most misunderstood. A working definition, and the questions to ask of any service that claims to offer it.
Level: intermediate
Tar, encrypt, upload: using GPG to secure files before they hit the cloud
A no-nonsense tutorial on using GnuPG to encrypt files before they leave your machine. Works with any cloud provider, requires no new service, and keeps you in control of the keys. Plus when this is the right tool and when it isn't.
Level: intermediate