#0001 Writing Diaries and Securing It
I recently started writing my own diaries, and since they contain private details which I don’t want anyone but myself to access, I started to look for a setup that could achieve this.
I write my diaries in Markdown files using Emacs. Each file is named after the current date (YYYY-MM-DD.md), and that is where I dump all the thoughts that come to my mind.
When I am finished, I archive the directory containing all my diary files, then encrypt it using gpg, then delete the unencrypted data.
I recently discovered that regular file deletion doesn’t actually delete the files and their contents; it just marks them as deleted to allow other files to be stored in their storage location when needed. The deleted files could be recovered, which is bad in my use case, so I use a tool called wipe for deleting unencrypted diary files instead.
It overwrites the files multiple times with random data before deleting them to actually remove them, but after reading its man page I discovered that it is not guaranteed to completely delete all the data even after using the tool, due to the type of my file system (ext4) and other reasons. I guess this is enough for my use case for now; I don’t expect that a forensics expert would be interested in my diaries.
I use a random 14-character password for encryption using the AES-256 algorithm. I store the password in a KeePass vault.
Here are the scripts I use for opening and closing the diaries:
- Opening script:
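```bash
#!/bin/bash
set -o errexit -o errtrace
# Decrypt the archive (gpg prompts for the passphrase)
gpg --output Dairies.zip --decrypt Dairies.zip.gpg
unzip Dairies.zip
# Open today's entry
emacs "Dairies/$(date +'%Y-%m-%d').md"
```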
- Closing one:
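```bash
#!/bin/bash
set -o errexit -o errtrace
# Keep the previous archive and ciphertext until the new ones exist
mv Dairies.zip Dairies.zip.old
mv Dairies.zip.gpg Dairies.zip.gpg.old
zip -r Dairies.zip Dairies
# Symmetric encryption; do not cache the passphrase in gpg-agent
gpg -c --no-symkey-cache --cipher-algo AES256 Dairies.zip
# Overwrite, then delete, the plaintext and the old copies
wipe -rf Dairies Dairies.zip Dairies.zip.old Dairies.zip.gpg.old
```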
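An added example, not part of the original post: a variant of the closing step that wipes the plaintext only after the new ciphertext has been decrypted again and compared with the archive, so a failed or mistyped encryption never leaves the diary without a readable copy. The function names and the `.new` suffix are assumptions of this example; the gpg, zip and wipe options are the ones used in the scripts above.

```shell
#!/bin/bash
# Added example: wipe plaintext only after the new ciphertext is verified.
# Function names and the ".new" suffix are assumptions of this example.

make_archive()   { zip -qr "$1" "$2"; }                      # $1=zip $2=dir
encrypt_file()   { gpg -c --no-symkey-cache --cipher-algo AES256 \
                       --output "$2" "$1"; }                 # $1=in $2=out
decrypt_stdout() { gpg --quiet --no-symkey-cache --decrypt "$1"; }
secure_delete()  { wipe -rf "$@"; }

close_diary() {
    local dir="$1" zip="$1.zip" enc="$1.zip.gpg"
    [ -d "$dir" ] || { echo "no open diary: $dir" >&2; return 1; }

    # A stale archive left by the opening script is plaintext too, so it
    # goes through secure_delete rather than rm before a fresh one is built.
    [ ! -e "$zip" ] || secure_delete "$zip" || return 1
    make_archive "$zip" "$dir" || return 1

    # Encrypt to a temporary name so the previous ciphertext stays intact
    # until the new one has been verified.
    rm -f "$enc.new"
    encrypt_file "$zip" "$enc.new" || return 1

    # Round trip: decrypt and compare byte for byte with the archive.
    # The passphrase is asked for again because it is never cached.
    if ! decrypt_stdout "$enc.new" | cmp -s - "$zip"; then
        echo "verification failed; plaintext kept in $dir" >&2
        rm -f "$enc.new"
        return 1
    fi

    mv -f "$enc.new" "$enc"        # replace the old ciphertext in one step
    secure_delete "$dir" "$zip"    # only now remove the unencrypted copies
}

# Usage: close_diary Dairies
```
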
Let me know in the comments section below if you use a different diary setup, are aware of ways to improve mine, or have any other feedback.