Go Back   MacRumors Forums > Apple Hardware > Notebooks > MacBook Pro

Reply
 
Thread Tools Search this Thread Display Modes
Old Jan 11, 2013, 09:17 AM   #1
tedesco24
macrumors member
 
Join Date: Jul 2010
PDF security after the fact

Since I made the decision to go paperless, I have several months of bank statements that I downloaded and saved in multiple locations...my hard drive and an external drive, and eventually I'll include some cloud services.

As I downloaded the statements from my bank, I've saved them as pdf's.

My question is can I add security to these existing pdf's now that they have already been created? Or do I need to re-download them and use the pdf security feature built into my mac print queue?

Thank you.
__________________
Bill
Aluminum Macbook Pro mc372ll/a
iPhone and iPod Nano
We all have a choice, choose life and honor Him!
tedesco24 is offline   0 Reply With Quote
Old Jan 11, 2013, 09:37 AM   #2
switon
macrumors 6502a
 
Join Date: Sep 2012
RE: Public Key encryption...

Quote:
Originally Posted by tedesco24 View Post
Since I made the decision to go paperless, I have several months of bank statements that I downloaded and saved in multiple locations...my hard drive and an external drive, and eventually I'll include some cloud services.

As I downloaded the statements from my bank, I've saved them as pdf's.

My question is can I add security to these existing pdf's now that they have already been created? Or do I need to re-download them and use the pdf security feature built into my mac print queue?

Thank you.
Hi tedesco24,

To answer your question, you can preview the PDF file and write it out as a new PDF with password and printing password, then delete the original unencrypted PDF file. You don't need to go back to your bank to do this.

Having said this, I think PDF security depends upon what you define as security. PDF security is not very secure; it is easy to break. So even if you downloaded password protected PDFs from your bank, they are not secure.

If you want true security (or at least much better security), then I'd suggest encrypting the unencrypted PDF files with a Public/Secret Key encryption tool, such as the GPGTools that are available for the Mac OS. You create your own Public/Secret keys, say with 2048 bits, that you use for encryption/decryption. I believe the longest RSA key that has been broken to date is 64 bits (took something like 5 years on thousands of computers to break it --- they have been working on a 72 bit key for 3000+ days and are only 2+% complete with the search), so a 2048 bit key is safe. At least until quantum computers to run Shor's algorithm become readily available, that is.

Regards,
Switon
switon is offline   0 Reply With Quote
Old Jan 11, 2013, 10:24 AM   #3
tedesco24
Thread Starter
macrumors member
 
Join Date: Jul 2010
Switon, thank you for the reply and the advice.

I do worry about going paperless and storing so much valuable info on computer, drives and clouds. I wonder what is more likely to happen...a fire that destroys everything or a hacker thanking me for putting some much valuable info within reach?

Anyways, my concern with going with a proprietary software such as GPGTools is what happens if they go out of business or decide to change their code, etc? Would all of my stuff now be inaccessible if they changed the playing field later in the game?
__________________
Bill
Aluminum Macbook Pro mc372ll/a
iPhone and iPod Nano
We all have a choice, choose life and honor Him!
tedesco24 is offline   0 Reply With Quote
Old Jan 11, 2013, 11:11 AM   #4
switon
macrumors 6502a
 
Join Date: Sep 2012
RE: security, fires, hackers...

Quote:
Originally Posted by tedesco24 View Post
Switon, thank you for the reply and the advice.

I do worry about going paperless and storing so much valuable info on computer, drives and clouds. I wonder what is more likely to happen...a fire that destroys everything or a hacker thanking me for putting some much valuable info within reach?

Anyways, my concern with going with a proprietary software such as GPGTools is what happens if they go out of business or decide to change their code, etc? Would all of my stuff now be inaccessible if they changed the playing field later in the game?
Hi tedesco24,

I fully agree, and I think most people fool themselves when it comes to security, whether that be from fire or from hackers.

(removed personal irrelevant details...)

As far as hackers are concerned, I believe they are actually serious threats, and thus for any important information, say financial information, I always encrypt my data using GPG with a 2048 bit key. I'm fairly certain that this is secure, or at least it is many orders of magnitude more secure than what my bank does to secure our fiduciary information and my funds. Because I keep this information available on my laptop and I take my laptop with me on speaking trips, I actually never worry about it being stolen (beyond the loss, that is) or hackers hacking into it because even if they did, they would never be able to get at any of my important information as all of it is encrypted with a nearly unbreakable encryption scheme and I haven't written down my passphrase anywhere but in my head. I also never allow the "Cloud" nor my backups to contain sensitive information --- and this is easy and I don't have to think about it since the sensitive information is already encrypted on my laptop, it is thus encrypted if it ever gets into the Cloud or my backups.

Since I keep at least one backup off-site, then my encrypted information is also safe from a fire in my house.

GPGTools and the underlying gpg are part of the GNU Project that underlies much of Linux. Since roughly 65% of all websites are hosted on LAMP (Linux, apache2, MySQL, and PHP), I doubt Linux will disappear anytime soon. And since gpg is just an implementation of the Public Key encryption scheme, the same scheme that protects most sensitive information in the world today, I don't think it is going away -- in fact, since gpg is PK, and Public Key is a standard, you can employ other third-party programs to decrypt gpg encrypted files. And, since gpg is open source, if you are worried about it you can download the source and compile it yourself. So even if gpg disappears or becomes unsupported, you can always compile and build a new version of it on any future computer, as long as that computer has a C compiler. That said, I'm not worried about gpg disappearing during my lifetime, albeit I am a troglodyte, soon destined for the afterlife.

Regards,
Switon

P.S. If you ever want to see just how insecure your computer files are, attend a Defcon conference one year and you'll never feel safe again.

Last edited by switon; Jan 11, 2013 at 09:30 PM. Reason: Added comment about gpg...
switon is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Hardware > Notebooks > MacBook Pro

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
PDF Max - The ultimate PDF app for iPhone/iPod Touch pdfmax iPhone and iPod touch Apps 1 Apr 21, 2013 07:57 AM
[LIMITED TIME SALE!] Universal PDF Solution: PDF Reader Pro YUYAO iPhone and iPod touch Apps 0 Sep 27, 2012 11:26 PM

Forum Jump

All times are GMT -5. The time now is 11:43 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC