In most spy films, encryption looks like green text scrolling down a black screen while someone types very fast. In real life, encryption looks like a file that doesn’t open.
That’s the whole point. You take something readable and make it unreadable — except to someone with the key. The file still exists. It’s the same size. It sits in the same folder. But its contents are scrambled into mathematical noise. Without the key, it’s gibberish. With the key, it’s exactly what it was before.
The maths behind encryption is elegant and, for our purposes, irrelevant. What matters is the practical question: when should you encrypt a file?
The honest answer is: more often than you do.
Every time you email a tax document, you’re sending it in plain text across networks you don’t control. Every time you drop a contract into a shared Google Drive, you’re trusting Google’s security, Google’s employees, and Google’s compliance with whatever government requests they receive. Every time you upload a file to WeTransfer, you’re sending it to a server in someone else’s country.
None of this is inherently dangerous. But it’s worth understanding the trade-off. Convenience means trusting infrastructure you can’t see. Encryption means trusting maths.
The barrier to encrypting files has always been usability. PGP encryption — the gold standard for decades — requires generating key pairs, exchanging public keys, and using command-line tools or clunky desktop applications. It’s secure. It’s also why almost nobody outside of journalists and security researchers actually does it.
What should exist — and now does — is a simpler model. Take a file, set a password, get an encrypted file. Send it however you want. The recipient enters the password and gets the original file back. No keys, no key servers, no PGP infrastructure. Just a password that you share through a different channel.
Is it as secure as a full PGP workflow? No. Is it infinitely more secure than emailing an unencrypted file and hoping for the best? Yes.
And critically: if the encryption happens on your device, the file is protected before it ever touches a network. Not after it arrives somewhere. Before it leaves.