In the light of recent events, I decided to take a little bit more care of my privacy. I am not overly paranoid concerning my data but it seems I need a certain level of confidence how the data can or cannot be accessed by third parties.
Sign and encrypt mails with GPG
I created a new GPG key pair according to this guide. For convenience reasons, I also removed the master signing key from my keyring. Thus when a malicious thief gets hold of it, I can revoke all signed subkeys but keep the accumulated trust in my master key.
This is the fingerprint of my currently used 4096 bit long key pair:
DD89 68B2 F64F 0260 A387 5EE0 018A 1479 4D3A 8106
All other keys that I used in the past are invalid from now on.
Also, I try to avoid the GMail web interface as much as possible and use Thunderbird together with the excellent Enigmail plugin instead. All out-going mails are signed and encrypted if possible.
Leaving the cloud
I removed all sensitive data from Dropbox and Google Drive. I know, they probably backed it up anyway but it’s a start. The most sensitive data (GPG master key, scanned documents, etc.) are saved on a USB thumb drive in an EncFS directory. It is the easiest and most comfortable solution I encountered so far. This should get you started:
$ sudo apt-get install encfs $ encfs /path/to/usb/.secret /path/to/usb/secret ... $ fusermount -u /path/to/usb/secret
I wrote a little shell script saving me from typing this over and over again.
secret directory is empty, it runs the
encfs line otherwise it
As said before, I am not a paranoid guy and I will try to be as open and public as possible as long as it does not touch my personal privacy.