When it comes to data security, a holistic approach is always best. From the use of only secured connections on closed networks and changing the default passwords on wireless routers to shutting down computers when not in use and password protecting everything. The fact still remains that with enough time and the proper program, anyone can gain access to anything. All they need is the desire to get in and the only way to be 100% secure is to be 100% disconnected to the internet.
The best we, those connected to the internet, can hope for is to store our information on servers that are not as high of a target and make it as difficult as possible to access and read the information contained. The former can be attained by hosting our own cloud servers (see The Personal Cloud), through encrypted Content Management Systems, and FTP sites; the latter can be achieved by password protecting our machines, files and folders. Now, when I refer to passwords, I do not mean your favorite pet’s name or the city you live in, or even a simple combination of intelligible letter combinations and a number of significance. Hold on to your hats, kids, it’s time to do some math.
Because of the minimum requirements established for a lot of websites, most passwords are about eight case-sensitive alphanumeric characters long allowing for 628 possible permutations or 218.3 trillion which seems like a lot; however, consider that commercially-available password cracking software for a regular desktop environment available five years ago could try 2.8 billion passwords per second, it would take a regular off the shelf computer with the cracking software about 22 hours to crack an 8 character password by brute force alone (literally checking every possible combination). Performing a brute force crack would be more time consuming than, say, a dictionary attack, pattern checking, word list substitutions, et cetera.
The most secure passwords are randomized and composed of at least 25 case-sensitive, alphanumeric characters ([A-Z] [a-z] \d). With this setup, there are 6225 or 645.3 quattuordecillion possible permutations and with that many possible combinations, it would take the Tianhe-2 (The fastest supercomputer in the world at 33.86 quadrillion keys per second) about 614 quintillion years to crack. As a counter example of how long cracking these passwords take based on length, if we took a case sensitive alphanumeric password that was 15 characters long, the Tianhe-2 could crack it in about 267 days (less than a year). Clearly, for security purposes, you would want to have a password where any computer would take more than a human lifetime to crack in order to feel somewhat safe.
So now that we have established parameters for what a secure password is, we will move on to where we can and should use these passwords (aside from our personal accounts: social media, e-mail, banking, etc.).
Password protecting PDFs
Portable Document Format documents, or PDFs, allow you to password protect the document on two levels. The first will require a password to open the document. This is the most useful for data security as it restricts others from viewing the content; however, it is the most impractical because of the way most of us use the PDF format. The other level will allow anyone to view the document, but will restrict the level at which they can interact with the data contained. This process is outlined in my previous post with the process explained by Alaina Brantner, this post is entitled, On “Lying through their teeth: Identifying Translation Scams” in the section on “Translators: stop sending out your CV in editable document format.”
The second place where we can use these passwords to protect our information is the .ize file. I feel .ize files are an underutilized file format in our industry. And if you think sending the packages that are exported from CAT tools are secure, all you have to do is change the file extension from .sdlppx (for example) to .zip and you can access, view, and modify the contents of the exported package.
So, if you wanted to encrypt the file contained within a zip file, you will need a tool called izarc that you can download from izarc.org (you can also use this to encrypt your exported CAT tool packages).
Say you have your zip file that you want to encrypt before sending out. In izarc, you will click on Tools > encrypt.
Izarc will present you with the standard file (.zip) and the encrypted file (.ize). as long as the file paths are okay, click on “encrypt” and it will prompt you for a password.
Type in your password and click ok.
You will be asked to re-enter the password. Do so and click OK.
After the program works its magic, a new .ize file will be created at the pre-determined destination.
When you try to open it, the window will pop up, but you will need to decrypt the file before opening it.
Click on “Decrypt”
Enter your password and click ok.
Let the program work, and in the predetermined destination, a new .zip file will appear.
Now, it should go without saying that you should not send the password to decrypt the .ize file in the same correspondence as the one you are using to send the file itself. I would not even recommend sending the password along via the same method. If you send the file by e-mail, send the password to decrypt it via phone or text message.
For more information on brute force password cracking based on keys per second, visit Foundstone’s Open Security Research Brute Force Calculator. And please feel free to contact me if you have any questions regarding this and other issues regarding internet security in the Translation industry.