PDF security after the fact

Discussion in 'MacBook Pro' started by tedesco24, Jan 11, 2013.

  1. tedesco24 macrumors member

    Joined:
    Jul 4, 2010
    #1
    Since I made the decision to go paperless, I have several months of bank statements that I downloaded and saved in multiple locations...my hard drive and an external drive, and eventually I'll include some cloud services.

    As I downloaded the statements from my bank, I've saved them as pdf's.

    My question is can I add security to these existing pdf's now that they have already been created? Or do I need to re-download them and use the pdf security feature built into my mac print queue?

    Thank you.
     
  2. switon macrumors 6502a

    Joined:
    Sep 10, 2012
    #2
    RE: Public Key encryption...

    Hi tedesco24,

    To answer your question, you can preview the PDF file and write it out as a new PDF with password and printing password, then delete the original unencrypted PDF file. You don't need to go back to your bank to do this.

    Having said this, I think PDF security depends upon what you define as security. PDF security is not very secure; it is easy to break. So even if you downloaded password protected PDFs from your bank, they are not secure.

    If you want true security (or at least much better security), then I'd suggest encrypting the unencrypted PDF files with a Public/Secret Key encryption tool, such as the GPGTools that are available for the Mac OS. You create your own Public/Secret keys, say with 2048 bits, that you use for encryption/decryption. I believe the longest RSA key that has been broken to date is 64 bits (took something like 5 years on thousands of computers to break it --- they have been working on a 72 bit key for 3000+ days and are only 2+% complete with the search), so a 2048 bit key is safe. At least until quantum computers to run Shor's algorithm become readily available, that is.

    Regards,
    Switon
     
  3. tedesco24 thread starter macrumors member

    Joined:
    Jul 4, 2010
    #3
    Switon, thank you for the reply and the advice.

    I do worry about going paperless and storing so much valuable info on computer, drives and clouds. I wonder what is more likely to happen...a fire that destroys everything or a hacker thanking me for putting some much valuable info within reach?

    Anyways, my concern with going with a proprietary software such as GPGTools is what happens if they go out of business or decide to change their code, etc? Would all of my stuff now be inaccessible if they changed the playing field later in the game?
     
  4. switon, Jan 11, 2013
    Last edited: Jan 11, 2013

    switon macrumors 6502a

    Joined:
    Sep 10, 2012
    #4
    RE: security, fires, hackers...

    Hi tedesco24,

    I fully agree, and I think most people fool themselves when it comes to security, whether that be from fire or from hackers.

    (removed personal irrelevant details...)

    As far as hackers are concerned, I believe they are actually serious threats, and thus for any important information, say financial information, I always encrypt my data using GPG with a 2048 bit key. I'm fairly certain that this is secure, or at least it is many orders of magnitude more secure than what my bank does to secure our fiduciary information and my funds. Because I keep this information available on my laptop and I take my laptop with me on speaking trips, I actually never worry about it being stolen (beyond the loss, that is) or hackers hacking into it because even if they did, they would never be able to get at any of my important information as all of it is encrypted with a nearly unbreakable encryption scheme and I haven't written down my passphrase anywhere but in my head. I also never allow the "Cloud" nor my backups to contain sensitive information --- and this is easy and I don't have to think about it since the sensitive information is already encrypted on my laptop, it is thus encrypted if it ever gets into the Cloud or my backups.

    Since I keep at least one backup off-site, then my encrypted information is also safe from a fire in my house.

    GPGTools and the underlying gpg are part of the GNU Project that underlies much of Linux. Since roughly 65% of all websites are hosted on LAMP (Linux, apache2, MySQL, and PHP), I doubt Linux will disappear anytime soon. And since gpg is just an implementation of the Public Key encryption scheme, the same scheme that protects most sensitive information in the world today, I don't think it is going away -- in fact, since gpg is PK, and Public Key is a standard, you can employ other third-party programs to decrypt gpg encrypted files. And, since gpg is open source, if you are worried about it you can download the source and compile it yourself. So even if gpg disappears or becomes unsupported, you can always compile and build a new version of it on any future computer, as long as that computer has a C compiler. That said, I'm not worried about gpg disappearing during my lifetime, albeit I am a troglodyte, soon destined for the afterlife.

    Regards,
    Switon

    P.S. If you ever want to see just how insecure your computer files are, attend a Defcon conference one year and you'll never feel safe again.
     

Share This Page