I'm trying to send my tax info securely through email or a web file transfer service like yousendit.com, dropbox.com or google drive, and created an encrypted folder containing the many image files of my business expenses and tax stuff using the command line (using "Terminal" app) as follows:
$Barbaras-MacBook-Air:~ barbara$ zip -er /Users/barbara/Desktop/taxes2017.zip /Users/barbara/Desktop/BARB\'S\ STUFF/Taxes/Taxes\ Tax\ Year\ 2017-copy/\__Tax\ Docs\ assembled\ 2017/ Enter password: Verify password:
Note that "zip -er" stands for "zip", "encrypted" and "recursive" which is used to get all the folder contents if zip/encrypting a folder as opposed to a file which is just "zip -e", and that I've used "\" to escape unix problem characters. This worked, creating the zip file, and when clicking on it I get a pop up with an "Archive Utility" window: "Please enter password for ".DS_Store". Password: [______] [<–text box].
I found the file was too large to email – like 42 mb, so I carved it down removing unnecessary content, but it was still closer to 40 mb. So I uploaded to dropbox.com, then found they only allowed viewing of folder not transfer, which is a problem because it means it will be unzipped in the cloud which is not what I want. (I want truly secure files to be viewed only by receiving party to whom I give password.)
I uploaded the file to google drive and did a last minute check that is was password protected and found to my amazement it unzipped without requiring a password – every file and folder visible there! In shock I went back and checked my file on my mac and confirmed that I wasn't crazy and that it was still password protected there. (If this makes you nervous, perhaps you can check if google drive opens your mac-command-line-encrypted zip files too).
I'm using mavericks OS X (v. 10.9.5) on my macbook air (fall 2012). The machine is too old to update to the newest OSX Sierra per apple support, but could update Yosemite or El Capitan, but not desirable or possible since I have little working hard drive space left in my machine – hovering around 7 GB – so I don't have space for it. Otherwise I've installed all updates to mavericks.
I decided to test if I could test if the encrypted file would remain encrypted in a PC environment which is where it would likely end up, and found again to my amazement that it was at least still encrypted (thats good) but that it couldn't be unzipped:
Compressed (zipped) Folders Error Windows cannot open the folder. The Compressed (zipped) Folder 'F:\taxes2017.zip' is invalid [OK]
Note that no option to enter a password is offered, just a flat out failure.
This means even if I put the unix/ osx encrypted zip file on a flash drive my accountant can't open it as his end, at least if he's using my son's same PC operating system, which is Microsoft Windows 10 Home version 10.0.14393 Build 14393 on an HP Pavilion Notebook, an x64-paced PC.
Are mac command-line-encrypted files easily viewed without passwords by file transfer services besides google drive, and if there's a more advanced or secure way to encrypt, zip and transfer files over the internet to individual desktop end users.
How come encryption wasn't unencryptable in a PC environment, and how do others do physical transfer by flash drive of encrypted files between environments?
Can I transfer a truly secure file via file sharing site like google drive, where no one in the chain can open the file except the recipient I give the password to by phone or other means?
Is there another zip and/or password protection method – or one of each – whether apple-based or third party – that is not undone by third parties and be unzipped in a windows environment with its password? I haven't tried the disk image method in disk utilities yet – maybe you can spare another hour or two of effort if it will not work in your experience.