If you have not already reviewed the list of best practices, read and carry out these three items:
- Choose the Windows PC (personal computer) that you will use to encrypt and to decrypt your content.
- Make your choice whether or not to connect that PC to the Internet. (Disconnected is more secure, connected is more convenient.)
- Set that computer to show file extensions. Everything below will make more sense if you do.
Plug the flash drive containing MarpX Privacy™ into a USB port on the Windows PC that you will use to make your files and messages private and to restore the originals. Typically, a pop-up like this shows:
On the pop-up select and click on Open folder to view files. If there is no pop-up, click on the Windows Explorer icon (in Windows 10, the File Explorer icon), then navigate to the flash drive.
Highlight and double click on the MarpX directory. You will be shown a list of files within the MarpX directory.
Highlight and double click on MarpXPrivacy.exe. You will be shown the program's home page.
MarpX Privacy™ starts at this navigation screen. When in doubt, click the Home button to return here. In this home page, you can switch between handling files and messages. You can also access the help pages (highly recommended) and the Exit button.
The large box lets you type in or paste a message that you would like to make private. Next below is an example in which 155 letters have been typed. It could just as easily been copied and pasted from within another file such as a word processor. Keep the length over 50 characters and under about 3000, which is roughly two double space typed pages. The 3500 figure allows extra for the strange things that HTML does to increase the count for some punctuation characters and line ends.
Microsoft used to run "helpful hints" in its software; a favorite was: "Don't run with scissors. You might hurt yourself." In the same vein, and assuming you have read the example above, we offer this hint: "When grating cheese, watch out for your knuckles in the grater."
Turn attention now to the small box at the bottom. Keys for MarpX Privacy™ are always seven letters -- any seven letters you wish. Capital letters are preferred. (If you use lower case letters, the program changes them to capital letters.) You can use the same combination of letters for different messages or files, but it is more secure if you use a different combination. IMPORTANT: IT'S UP TO YOU TO KEEP TRACK OF THE KEYS YOU USE. Paper and pencil is much more secure than making an online log; a hacker who found an online list of content and keys could get at all your content.
In this Level One example, the seven letters WGEZTDP were chosen to privatize this message. It's entirely up to you what seven letters you choose for any particular file or message. It's more convenient to repeat the same key as in previous encryptions, but it is less secure to repeat. That's up to you.
Click the large Encrypt Message button.
The message is instantly made into a file. The file's location and name is provided as in the above screen. The location is normally in a "MyPrivacy" directory on the same drive as your MarpX Privacy™ program -- usually on your flash drive. The name is "Msg_" followed by a date stamp, and the double suffix ".enc.txt". Notice in the above that the month is included first as a number 01 to 12, then a three letter abbreviation. That way, the messages are listed in time order when you list what is in the MyPrivacy directory. 160038 means 38 seconds after 4:00 p.m. (16:00 in a 24 hour clock) The extension ".enc" means encrypted. The added extension ".txt" means that the entire message has been converted to letters and digits in a format called Base64.
Encrypted messages are wrapped in text, so that they may readily be copied and pasted to email or to social media pages. Files attached to or spread in emails easily get past unfriendly spam filters. The instructions to copy and paste are shown on the page; the steps become second nature quickly.
The first time you run the program, try some experiments.
- See if you can make any sense out of the jumble of letters, digits, periods, and exclamation marks that make up an encrypted message. Bet you can't! If you can, you deserve a high paying job with the U.S. National Security Agency.
- If you have a Facebook page, write a message for friends. Copy and paste the message into your Facebook page, and phone a couple of friends to tell them the key you used. Ask them to go to the Decrypt Msg page in their copies of MarpX Privacy™, highlight, copy and paste your Facebook message and enter your key. They will get the message. Mark Zuckerberg and Facebook will not get it.
- As an experiment, write a message, then highlight and copy it as in the box above. Then click on the Decrypt Msg button at the bottom of the page. More on this experiment below.
Let's assume you have highlighted a text-like segment including the <<< and >>> anchors, and you have used CTRL-C to copy it onto the Microsoft "clipboard". The large box on the Decrypt Message page is the place to take it. Click anywhere in the big box, click CTRL-V. It will look like this:
Enter the same code that was used to encrypt it. Click on Decrypt Message.
Decrypted messages are turned into files. Here is the file name and where it is located. Notice the name ... same as the incoming message, except the .enc.txt double suffix has been removed, and the suffix is now ".decrypted.txt". The word ".decrypted" is added so that it does not overwrite the original message, and you can compare the two if you wish.
When you decrypt a message, you are shown the plain text, that is, the original message. (If there were any accented characters or special characters in the message, this step is skipped. But the full message is still in the file named above.)
There is a Home key at the bottom of the page. Click on that, then choose Encrypt File.
Files are even easier to make private. So long as the file is somewhere between 50 bytes and 100,000,000 bytes, this version of MarpX Privacy™ will handle it. (Need something that does gigabyte size files? Contact us.)
Simply browse and select the file you want to make private. Then input below whatever key you want to use this time. There is also an option to wrap the encrypted version in text so that it can get through as an email attachment. That's useful, but it makes files up to fifty percent larger. This feature is not used for the 1.5 megabyte file selected here. The screen will look like this:
Click Encrypt This File and you will be shown...
... the location and name of the encrypted file. The name is the same as the input file, but with a file extension .enc added at the end.
You are NOT shown the encrypted file. It's a mess, an absolute jumble of all 256 different characters that can be contained in a computer byte. If you are really interested in technical detail and can tolerate DOS, here is a note on what's in an encrypted file.
To arrive at this next screen, click the Home button and continue this tour by choosing Decrypt File.
Normally you would park the encrypted file in archives or send it to someone else. For this tour, let's simply decrypt the same file that was encrypted above. On the flash drive, browse to MyPrivacy and select assignment7.pdf.enc. Input the same key, CEHPPQD. Click Decrypt File.
As always, you are shown the location and name of the result. Typically it is found in the MyPrivacy directory. The .enc file extension is gone and the word ".decrypted" appears before the current extension. In this case, it is a PDF (Portable Document Format) file.
In this example, it's a PDF file...
Here it is, opened with Adobe Acrobat:
Going back to the original file and opening that, it looks exactly the same. In reality, it more than looks the same. It IS the same. More on that in the technical note on what's in an encrypted file. Prove it to yourself with a file that you encrypt and then decrypt.