I'm really sorry, Lono, that you had to be exposed to that. I hope you've managed to find a way to restore your spirit and affirm your faith in mankind.

Honestly this is what I want to know. I'm not worried about big brother. The government already has all my medical records, my tax & bank statements, dmv and ccw info...
Google has all the rest...

I would like to be able to carry copies of my insurances, bank info, DL, prescription & medical info, etc encrypted on my phone which is always with me unless I lose it or get robbed.

There have been too many incidents of hurricanes, fires, tornados and the odd runaway train. If I need to get out of Dodge and I can't go home having these things handy would save a lot of time and trouble.

Is there a way to do this so my data is secure to 90% of the thieves in case my phone gets lost or taken from me?

Thank you all.

Android has an option to encrypt the internal (and external?) SD card if you set up a letter based password for the phone, might make daily use a pain though.

I'd use TrueCrypt to encrypt files on a USB stick. If you use your phone, I recommend Secret! from LinkeSOFT. Strong encryption, syncs with your computer, great customer support, highly recommended. I have no affiliation with them other than as a long-term customer.

Personally, I need a solution that works on Linux, Windows, and Android. iPhone/iPad would be nice too, but I don't have those (although my wife does, so compatability there is a plus).

Truecrypt has Linux and Windows covered. It has not been ported to Android yet. A few other products are attempting to offer Truecrypt support on Android, but from my research they have limitations that are not appealing to the general public (like you phone has to be rooted, no GUI - commandline only, etc.)

I have found one product that works fantastically on Linux/Windows/Android/iPhone, and that is "KeePass". But it is an app designed to manage passwords, not general purpose documents. Still, if password management is what you need, this app can't be beat. It is known as "KeePass" on Windows, "KeePassX" on Linux and MacOS, "KeePassDroid" on Android, and "iKeePass" on iPhone/iPad. http://keepass.info/download.html

A quick and easy method for someone that is not technical would be using 7-zip.

7 zip has client for Windows- there appears to be one for android and Mac- not sure about ipads, sorry.

If you password protect a zip file, it uses AES. Just use very strong password.......


If you are more technical, I would vote for Truecrypt also.

Best implementation would be a hidden volume- your container will be ""layered"" (my term, not theirs)
If you use the wrong password, you get to layer 1, which should contain private looking stuff.
If you use the right password you get to layer 2, which has the truly important data.

Another advantage to this approach is that it can be opened on any computer, not only one where you have administrator permissions (something required when using TrueCrypt).

I didn't get Truecrypt when I followed the written manual, but after looking at the Tutorial on youtube, it was actually pretty easy to understand. I now use it for most of my backups/important documents.

I don't think any of us are saying that these companies want to be participating in programs like PRISM, but it's the fact that they do-- and the extent of what they do--that bothers many people.

Then again, companies already make billions of dollars a year legally selling all kinds of information about you which don't include the actual contents of your emails, files, text messages, etc. and they gleefully do participate in that. Marketers can already create chillingly accurate profiles on people from stuff that is legally available. And those profiles can be bought online by anyone, becoming an "open invitation for corruption," stalking, and so on by ex-boyfriends, co-workers, etc. As far as I know, these services are not allowed in Europe, by the way, due to their privacy laws.

Actually, come to think of it, a company like Google, and just recently Yahoo, already "know" the contents of all of your emails since they actively scan through all of them for marketing purposes and to serve up targeted online ads. Normally, this is all done by computers, but who's to say that a person couldn't tap into that database to pick out nuggets of info to be used for nefarious purposes? Things that look like account logins and passwords in an email? Embarassing photos sent as attachements?

It's very difficult for your average law abiding American to maintain even a modicum of privacy from all the legally collected surveillance without jumping through inconvenient hoops nowadays. And even if you take precautions, unless the people that you interact with also take precautions, your privacy can still be compromised to a surprising extent.

Thank you all for your help.