While Windows 7 support is probably the stand-out feature of the True Crypt 6.3 release there are a few others additions and changes that might be interesting to some users. TrueCrypt 6.3 adds full support for Mac OS X 10.6 Snow Leopard as well which should please Mac users who use the software program.

Another addition to this release of the disk encryption software is the “system favorite volumes” option. This comes in handy “when you have volumes that need to be mounted before system and application services start and before users start logging on. It is also useful when there are network-shared folders located on a TrueCrypt volume and you need to ensure that the network shares will be restored by the system each time it is restarted.”

The latest version of True Crypt can be downloaded from the developer’s website where it is available for all supported operating systems.

Related posts

• VLC Media Player 1.0 Released (9)
• Stream Music With Subsonic (11)
• Prep For GRE, GMAT, SAT Tests With Words (3)
• Photo Collage (3)
• Open Office 4 Kids (11)

CryptKeeper is available for the GNOME desktop (requires Nautilus) and is a system try applet that easily manages EncFS encrypted folders without the user having to touch the command line. And CryptKeeper works very similarly to TrueCrypt, but makes the whole process even easier. In this article you will learn how to install CryptKeeper and then create and use an encrypted folder on a Ubuntu machine.

Installation

Installing CryptKeeper is as simple as installing any other software on a Ubuntu machine. Of course this software should be just as easy to install on your favorite distribution – just modify the process as needed. The steps for installation are:

1. Open up your Add/Remove Software tool.
2. Search for “cryptkeeper” (No quotes).
3. Select the resulting software for installation.
4. Click Apply to install.

That’s it. Once installed you will find the menu entry under the Applications menu, in the System Tools sub-menu.

How CryptKeeper works

The way this application works is simple: Creating encrypted, mountable file systems. Basically you create an encrypted folder that can only be accessible if that folder is mounted, and the only way to mount that folder is to know the authentication password.

Starting and using CryptKeeper

Figure 1

When you start CryptKeeper you will be surprised to see that no windows or dialogs open. As stated earlier this is a system tray applet so the application resides in your system  tray (or Notification Area). So when you start CyrptKeeper the only thing you will see is the system tray icon appear (see Figure 1).  The icon you are looking for is the keys icon. From this icon there are two actions:

Right click: Preferences, About, Quit

Left click: Mount previously created encrypted folders, Import EncFS folders, Create encrypted folders.

From the Preferences window there isn’t really much to do. There is, however, one important option you can set. If you want to make sure your encrypted folders are unmounted after being idle for a user-configured amount of time.

Now, let’s create an encrypted folder. Left click CryptKeeper icon and select “New Encrypted Folder”. This action will open up a Wizard that will walk you through the process of creating your folder. The steps are:

Give your folder a name and location.

Enter (twice) a password for the encrypted folder.

Figure 2

That’s it. As soon as you have verified your password, and hit Forward, your new encrypted folder will open in the Nautilus file browser (see Figure 2).

With your folder open you can then place whatever you like inside. Once you are done working with the folder you only need to unmount it to keep the contents from prying eyes. There is only one way to unmount your folder:

Left click the CryptKeeper icon and uncheck the mounted folder.

If you try to unmount the folder from within Nautilus you will be unsuccessfull.

When the folder is unmounted it will seem to no longer exist on your machine. The only way you will see the file is to open up a terminal and search for the folder in your home directory using the ls -a command. Using the example I created above (encrypted folder “Ghacks”) I will see the entry .Ghacks_encfs in the ~/ folder. If I try to search the contents of that folder I will see something like:

kgv8qdE4Y,8kNqkREP7cQGvz-fk9bUujZTSXd8ijrelqi0

Figure 3

No dice. There is only one way to see the contents of this folder. To do this left click the CryptKeeper icon and select the encrypted folder you want to mount (see Figure 3). Once selected you will be prompted for the password for the folder. When you successfully enter the password the folder will mount and be opened in a new Nautilus window.

Final thoughts

Without a doubt, CryptKeeper is one of the easiest means to create on-the-fly encrypted folders to use on the Linux desktop. If you need solid encryption for personal folders, CryptKeeper is the way to go.

Related posts

• True Crypt 6 released (3)
• True Crypt 5 adds System Partition Encryption (1)
• Securing your Pc with True Crypt (27)
• Increase True Crypt AES performance (7)
• Encrypting an USB Drive with True Crypt (11)

The application you need is gpgdir. The gpgdir application allows you to recursively encrypt and decrypt directories on your Linux system. It’s an easy to use command line tool that can save you a lot of time when you have to do a lot of encryption of files. In this article you will see how to install gpgdir and use it for basic directory encryption/decryption.

Getting and installing

The only drawback is that gpgdir is not installed on your distribution by default, it doesn’t come with GnuPG, nor is it included in your repositories. You are going to have to install manually.

If you use an rpm-based distribution you can download the rpm from gpgdir’s download page. Once you have that file downloaded you will issue the command:

rpm -ivh gpgdir-XXX.rpm

Where XXX is the release number.

If you are not using an rpm-based distribution you will have to install from source. This is actually quite easy. First download the source file. Once you have that file on your hard drive (let’s say it’s in ~/Downloads/firefox/) issue the following comands:

cd ~/Downloads/firefox

bunzip2 gpgdir-XXX.tar.bz2

tar -xvf gpgdir-XXX.tar

cd gpgdir-XXX

./install.pl (or sudo ./install.pl)

Where XXX is the release number.

You should now have a working installation of gpgdir.

Using gpgdir

Before you actually run gpgdir you have to have a gpg key generated (The article mentioned at the beginning will describe to you how this is done.) With your gpg key in mind you have to edit a single line in a file before you begin using gpgdir. The file is ~/.gpgdirrc. What you need to do is add your gpg key user name in this file. The line you need to add looks like:

use_key USERNAME

Where USERNAME is your gpg key username (not your Linux system username – although they could be the same). If you’re not sure what your gpg key user name is issue the command:

gpg –list-keys

to see the user names of your keys.

Once you have your configuration file edited you are ready to go.

The basic usage of gpgdir is:

gpgdir -e|-d DIRECTORY OPTIONS

Let’s create a test directory containing two files. So issue the following commands to create your test environment:

mkdir TEST

echo $USER > TEST/user

data > TEST/data

Now you are ready to see how this works. Let’s encrypt the files in our TEST directory.

gpgdir -e TEST

You will be prompted to enter the key’s passphrase. Once you do this you will see something like:

[+] Encrypting files in directory: /home/jlwallen/TEST
[+] Building file list...
[+] Encrypting:  /home/jlwallen/TEST/user
[+] Encrypting:  /home/jlwallen/TEST/date
[+] Total number of files encrypted: 2

If you look in the TEST directory you will now see the following:

date.gpg

user.gpg

To unencrypt these files issue the following command:

gpgdir -d TEST

You will be prompted for the password again. After gpgdir decrypts the files they will no longer be encrypted.

Excluding files

Say you want to encrypt all files in the TEST directory but the user file. To do this you would issue the command:

gpgdir -e TEST –Exclude user

All files in TEST, except user, will now be encrypted.

Final thoughts

Although you can do more with gpgdir, you now have the fundamental usage of the command.

Related posts

• Secure your files: An introduction to GnuPG (4)
• Linux tips: Encrypting and decrypting files from command line with gpg (3)
• Encrypt Thunderbird Email with Enigmail (7)
• Yoggie PICO Personal Mobile Security Computer (3)
• With Ubuntu 9.10 Arrives Wubi 9.10 (1)

Naturally I use gpg for all of this. And when I am using gpg I am using it from the command line. It’s actually quite easy to use. In this article I will show you how to create a gpg key, encrypt, and decrypt a file. You will find this such an easy task you’ll be using it more than you think.Must I install?

More than likely, if you have a modern Linux distribution, gpg is already installed. If you issue the command which gpg and you get something like /usr/bin/gpg returned, you know you have gpg installed. If you don’t see that you can install it by issuing one of these commands:

sudo apt-get install gnupg

or

yum install gnupg

Once installed you will first have to generate a key. This, too, is done from the command line.

Generate your key

To generate a key issue the command:

gpg –gen-key

Once you enter that you will be asked a number of questions pertaining to your key. These should all be fairly obvious. After you complete the generation of your key make sure you remember the username for the key as well as the passphrase.

Encrypting files

Now let’s get into the good stuff – encrypting files. To encrypt a file with gpg you will use the command structure:

gpg OPTIONS FILE

Because you are encrypting you will have to use the e option. And because you will want to encrypt the file with a specific users’ gpg key you will use the r option. So let’s say you are going to encrypt the file TEST.tgz with the gpg key of user jlwallen. To do this you would issue the command:

gpg -e -r jlwallen TEST.tgz

The resulting file would be TEST.tgz.gpg. If you tried to view the file you would instantly see it is now a binary file. If you try to untar the file you would be informed the file is not in gzip format.

Decrypting the file

Decrypting the file is just as easy as encrypting the file. We’ll stick with the same example. To decrypt the file TEST.tgz.gpg issue the command:

gpg -d -o TEST.tgz TEST.tgz.gpg

You will be prompted for the passphrase associated with the user encryption key used on the file. The d option indicates you are decrypting the file and the o option indicates what file to output the results to. After this command is issued you will be back to the TEST.tgz file.

Final thoughts

Sure there are plenty of gui tools that will make this job even easier. But there are too many instances when needing the command line will enable you to do things you can’t do with a gui.

Related posts

• Recursively encrypt directories with gpgdir (3)
• True Crypt 6 released (3)
• True Crypt 5 adds System Partition Encryption (1)
• Software to defeat Disk Encryption released (3)
• Securing your Pc with True Crypt (27)

If you do not have a key pair generated, Enigmail can even do this for you. So with this extension you can encrypt/decrypt email without having to touch the command line. Pretty sweet. Let’s take a walk through this system.

I am going to assume you know how to install an extension in Thunderbird (I am also going to assume gpg is installed). Knowing that, install the Enigmail extension. Once this extension is installed (and you have restarted Thunderbird), you will notice a new menu entry called OpenPGP. This is where you take care of the setup of Enigmail.

Generate your key pair

Keymanager

The first step is to generate your key pair. This can be done either from command line or from Enigmail itself. From within Thunderbird click the OpenPGP menu and click the Key Management entry to open the key manager window (shown in the image to the left.)

Click on the Generate menu and select New Key Pair to open the key generation window (shown below to the right.)

Keygen Window

From within this new window you have a number of options to consider (which are all fairly self explanatory.)For most instances the defaults will work. The only change you might make is if you do not want the key to expire click the Key Does Not Expire checkbox.

As the window says, during the generation process you will want to go about the business of using your PC in order to help randomize the process of key generation. This even holds true when you are generating keys via the command line in Linux.

If you already have a key on your machine (generated from the command line or some other tool) you can import that key from the same key manager tool shown above. Just click on the File menu and select Import Key from File.

Once your key has been imported into (or generated by) Enigmail you are ready to use Enigmail to encrypt your messages.

Encrypt and Sign a Message

Start composing a new email and you will notice the OpenPGP menu entry has been added. Once you have completed composing your email click on the OpenPGP menu and select Encrypt Message and/or Sign Message to encrypt and/or sign your outgoing messages with your key.

Default Encryption Options

This brings up an issue. If you do not configure Enigmail to not encrypt/sign by default all of your outgoing messages are going to be encrypted and signed. This is a problem when the recipient doesn’t have your key. I highly recommend configuring Enigmail to not encrypt/sign by default. To set this click on the OpenPGP menu entry in the MESSAGE COMPOSITION WINDOW (not the main Thunderbird window). From there click on the Default Composition Options sub menu and then select Signing/Encryption Options. A new window will appear (shown to the left.) Make sure you de-select all of the options in the Message Composition section. Now you have to manually choose to sign and encrypt each message. It’s one extra step but your non-geek friends and family will thank you for it.

Decrypting

Like send mail, you have two options for receiving mail. You can have encrypted mail automatically encrypted or you can do it manually. Of course for either options you have to have the senders’ key imported into the system.

If you click on the OpenPGP menu (in the main Thunderbird menu) you will see an entry for Automatically Decrypt/Verify Messages. If this is checked all incoming encrypted/signed mail will be decrypted/verified. If it is not checked you will have to do this manually by selecting the encrypted/signed email and then clicking the Decrypt/Verifyentry in the OpenPGP menu.

Final Thoughts

And that’s it! Simple email encryption in Linux with Thunderbird and Enigmail. You can, of course, do this manually from the command line, but why make things difficult? If you have needs to encrypt/sign outgoing or incoming email, Enigmail is the perfect solution for every Linux and Thunderbird user. And for those BSD, Solaris, OS/2, Mac, or Windows users there is an Enigmail for you as well.

Related posts

• Secure your files: An introduction to GnuPG (4)
• Recursively encrypt directories with gpgdir (3)
• Cryptography Tutorial (0)
• Yoggie PICO Personal Mobile Security Computer (3)
• With Ubuntu 9.10 Arrives Wubi 9.10 (1)

DriveCrypt is a 1344 Bit disk encryption software using cryptographic algorithms such as AES, Blowfish or Tea 32 that can encrypt partitions, entire hard drives (with the exception of the boot drive) and USB devices. Besides that it can also create encrypted containers on storage devices so that only part of the space is reserved for the encrypted data.

DriveCrypt makes use of on-the-fly decryption to ensure that only the data that is currently needed resides in the computer’s memory to minimize the risk if someone would record and analyse the data in memory.

DriveCrypt is compatible with 32-bit and 64-bit editions of Windows 2000, Windows XP and Windows Vista. Installation is flawless as is the setup of the encrypted storage space. The software starts in simple mode which reduces the elements on the screen to a bare minimum. Experienced users can switch to the advanced mode which is providing them with more options in the interface.

The Simple Mode basically consists of four buttons which are used to create and manage data safes. It is possible to create a new safe, load an existing safe, dismount all safes or to scan for safes on the computer system.

There are usually no safes after the installation and it is up to the user to create the first encrypted safe. It is necessary to define a few parameters like the size of the container and the password but basically anything else including the algorithm is selected by the software program. It is possible to use a normal password or one that spans across four lines to increase security.

The advanced mode provides all the missing options for experienced users. They can select the file system and the encryption algorithm. The ability to create a encrypted partition is only available in the advanced mode like several other options:

• Invisible Containers: Create hidden containers in encrypted containers.
• Hide Data In Music Files: Add data to music files
• Hot Disk Encryption: Encrypt removable devices and make the data inaccessible once their are unplugged from the computer system.
• Password Security: Master Password for administrators, Restricted second user Passwords
  and Second user Password Expiration
• Password Sniffing Protection: protects against password sniffers like trojans or keyloggers.
• Anti Dictionary or Brute Force Attack mechanism: Slows down brute force attacks.
• Disk Wiping: DriveCrypt is able to delete the free space on a storage device so that the data is not recoverable.
• External Hardware Support: Works with fingerprint and smartcard readers, as well as USB token
• Works on any Storage Medium: Works on hard drives, removable devices including CDs and DVDs, basically anything that can be used to store data.

DriveCrypt offers an easy way to create encrypted containers for data on their storage devices. You can win one out of 50 licenses for DriveCrypt by writing a comment below.

Related posts

• Increase True Crypt AES performance (7)
• Defeating Disk Encryption (7)
• Software to defeat Disk Encryption released (3)
• Disk Encryption Software TrueCrypt 6.3 Released (4)
• True Crypt 6.1 Released (4)

A SSH connection can be used to use an encrypted channel to transfer the unencrypted data so that the data is protected from third parties. To make use of this encrypted channel a connection has to be established and maintained between the local computer and a SSH server on the Internet. If your Email provider would offer SSH access for instance it could be setup to create a connection with their SSH server to retrieve and send emails.

My Encrypted Tunnel is a free application that makes use of Putty Link to establish an SSH connection:

MyEnTunnel is a simple system tray application (or NT service) that establishes and maintains TCP SSH tunnels. It does this by launching Plink (PuTTY Link) in the background and then monitors the process. If the Plink process dies (e.g. connection drops, server restarts or otherwise becomes unreachable) MyEnTunnel will automatically restart Plink to reestablish the tunnels in the background. It tries to use as little CPU and system resources as possible when monitoring (When the “Slow Polling” option is enabled it only does one context switch per second).

It can also be used to exchange data between two computers. To do this one computer needs to act as the SSH Server. Users looking for an advanced Windows client with additional functionality might find it in Tunnelier which is free for personal use.

Related posts

• SFTP And SSH Server For Windows (0)
• Run SSH Server For Remote Desktop Connections (6)
• FreeSSHd A Free SSH Server For Windows (7)
• Windows SSH Server WinSSHD (3)
• Top Xp Freeware that every user needs part 3 (5)

GnuPG, in technical terms, utilises a mixture of symmetric-key cryptography and public-key cryptography. This basically means a person generates a pair of keys; one of which is publicly shared and one is not. The publicly shared key is used to people can encrypt data for a specific person whilst the private key is used to decrypt, encrypt and sign data.

If you encrypt data to only be decrypted only by your private key and you carry your private key on another medium of storage, the data you encrypted will be effectively impossible to decipher.

To get started with GnuPG, you must download GnuPG which is free and open-source.

GnuPG is available for effectively all operating systems. After you have downloaded and installed GnuPG, it might be wise to download a graphical interface because it is command line based.

Some GUIs focus on the management of keys, such as the generation of them and storing other people’s public keys, whilst others focus on the encrypting/decrypting.

WinPT is a popular Windows option. As for encrypting and decrypting, there are many choices including Enigmail for Thunderbird, FireGPG for Firefox and WinPT also provides facilities to do this.

With a GUI, it is fairly easy to get to grips with GnuPG. Most key managers provide wizards for the generation of keys.

To obtain someone’s public key, so you can send data to them securely, you could either ask them or go onto a keyserver such as pgp.mit.edu, copy their key into Notepad and then import it into your key manager.

It is essential to send your keys to keyservers, I would suggest pgp.mit.edu, and this can be done either through the GUI or through exporting your public key and uploading it to these sites. Once you have someone’s public key, and you are sure it belongs to them and is not a hoax, you can sign the key inside your key manager and then submit it, so people know that key is authentic.

Key software to get started with GPG

1. GnuPG is absolutely necessary. There is a Windows binary available.
   
2. A GUI is also necessary. For Windows users, WinPT is a safe bet.
3. If you use Thunderbird, install Enigmail. If you use Firefox, install FireGPG.

If you have installed GPG and would like to try it out, feel free to send me an encrypted email. My email is computerjoe (at) gmail.com and my key is on this page.

Related posts

• Encrypt Thunderbird Email with Enigmail (7)
• Cryptography Tutorial (0)
• True Crypt 6 released (3)
• Securing your Pc with True Crypt (27)
• Recursively encrypt directories with gpgdir (3)

Rohos Mini Drive was specifically designed with USB drive encryption and ease of use in mind. It uses the 256-bit AES as the encryption algorithm and can create encrypted partitions with a maximum size of 1 Gigabyte. The program does not require installation and can be run right of the USB drive.

So how does this work? The user executs the Rohos Mini Drive software which will automatically detect usb drives that are connected to the computer. One usb drive will be selected automatically but the user can change to another one if multiple drives are connected to the computer.

He then specifies a password that will be used to decrypt and encrypt the data in the partition of the usb drive.

This procedure is not that different from encrypting an USB drive with True Crypt. Rohos Mini Drive however comes with a feature that makes it possible to access the data without administration rights. The software comes with another program called Rohos Mini Drive which is a simple disk browser. This tool can be used to browse the contents of the encrypted usb drive without admin rights.

Rohos Mini Drive comes with two additional interesting features. The first is a virtual keyboard which can be used to defeat keyloggers on a computer while the second is an autostart folder to start applications immediately after connection.

Related posts

• True Crypt 6 released (3)
• Securing your Pc with True Crypt (27)
• Encrypting an USB Drive with True Crypt (11)
• Data Can Leak From Partially Encrypted Systems (6)
• True Crypt 5 adds System Partition Encryption (1)

The developers of the application have released the software, or more precisely the source code, that they have created for their research paper which can be freely downloaded from the project’s website. Available are the tools to create an image of the system memory, the automatic key finding applications and a program for error-correction for AES key schedules.

Two memory imaging tools (USB / PXE Imaging Tools and EFI Netboot Imaging Tools) and Automatic key-finding (AESKeyFinder and RSAKeyFinder) are available on the website.

The research paper can also be downloaded from the website along with frequently asked questions.

Related posts

• Increase True Crypt AES performance (7)
• Ghacks Christmas Giveaway: DriveCrypt (86)
• Disk Encryption Software TrueCrypt 6.3 Released (4)
• Defeating Disk Encryption (7)
• True Crypt 6.1 Released (4)

I’m a bit puzzled that it took them so long to figure out that every kind of application that is logging or saving temporary data might reveal information about such hidden data. Maybe I got it wrong and missed something but if that is not the case I might call this finding rather obvious.

If I have a Word document on an encrypted partition and open it with Word it gets added to the recently accessed files list in Word as far as I know. The research paper has already been published and can be downloaded freely. The name of the document is “Defeating Encrypted and Deniable File Systems:
TrueCrypt v5.1a and the Case of the Tattling OS and Applications”.

The research paper is well written and understandable for users with a technical background but most other users as well. What they are basically saying is that information can be found in operating systems and applications that could link to data in encrypted and hidden partitions. Some of the examples mentioned in the paper are Word auto-saves, recent files lists and Google Desktop.

The researchers are also assuming that a user would reveal the encrypted partition but not the hidden partition located inside of the encrypted partition which is plausible. An analyst would only have to find evidence for the existence of a hidden partition to defeat its purpose. That does not mean that he would be able to decrypt the data but he could gather information by analysing the operating system and the installed applications.

Related posts

• True Crypt 6 released (3)
• Securing your Pc with True Crypt (27)
• Encrypting an USB Drive with True Crypt (11)
• Encrypt USB Drives (8)
• True Crypt 5 adds System Partition Encryption (1)

Version 6 of True Crypt introduces several interesting features and improvements. Users with multi-core CPUs will see a huge speed increase due to the multi-core support that has been implemented in True Crypt 6. Each additional cpu core will increase encryption and decryption performance by 100% which means that a quad core cpu will be 400% faster than a single core cpu of the same speed. Mounting will also benefit from multi-core CPUs.

Another interesting addition is the option to use a fully encrypted and hidden operating system that can be installed in a hidden True Crypt partition. That’s basically the hidden container on a encrypted partition feature ported to operating systems, very useful in my opinion.

Backup Headers were introduced in this version of True Crypt as well. Previously one header was used to determine the size of the encrypted partition. If something happened to that space on the hard drive the partition or container could no longer be mounted and that all data would be lost. The backup header is a second header for this case which reduces the likeliness of this.

Mac OS X and Linux users can now create hidden volumes as well. The most important additions to this version are in my opinion multi-core support and the option to install a hidden operating system.

Related posts

• Encrypting an USB Drive with True Crypt (11)
• Increase True Crypt AES performance (7)
• Drag and Crypt Ultra (2)
• Securing your Pc with True Crypt (27)
• Scan Computer for password protected files (2)

The Pidgin Encryption plugin adds encryption to Pidgin by generating a public and private key during activation. Let me give you a short rundown on that encryption scheme. The public keys are accessible by all of your contacts which can use them to encrypt their messages. The only person who can decrypt those messages is the one with the private key that builds a pair with that public key. It comes down to swapping the public keys so that messages can be encrypted and decrypted on the fly.

Thankfully Pidgin does most of that automatically. There is no need, like in other applications, to transfer the public key on a different way to the other users. The keys are automatically created and the public key is automatically transferred to all contacts. There is however the possibility to exchange the keys using different way to increase the security. Meet your friend at a secret location and hand him the self destructing disk with your public key..

You obviously need Pidgin for that and the Pidgin Encryption Plugin. You can regenerate your key in the preferences and change the default size of 1024 bits to a value between 512 and 4096 bits. Make sure that both “Automatically Encrypt” boxes are checked. A list of the public keys of your buddies is also available in the preferences.

By default the conversations take place unencrypted. A user needs to press the TX button to encrypt the messages. If the user on the other end is not using the plugin he will see a notification that the message is encrypted and that he needs the plugin. If that is the case the TX button will show to be secure while the RX button will be plain. (I guess TX stands for Transmit while RX for Receive)

To always use encryption when chatting with a specific user you need to right-click that user and select Turn Auto-Encrypt On. To avoid man in the middle attacks you need to compare keys with your buddy. This can be done in the Pidgin preferences. I suggest another way of communication to compare the keys. (phone, irc, voip)

A last tip. If you use multiple computers you probably want to make sure that all use the same keys. You can do that by moving the keys from .pidgin directory in *nix or in the application data directory in Windows to the new computer. The keys are stored in the three files:

• id.priv (private keys)
• id (public keys)
• known_keys

Each line of the files represents one key which means that you can also copy only selected keys to the other machine.

Related posts

• Koolim Web Messenger (7)
• Imo.im a Meebo alternative (8)
• Coccinella Chat Client With Whiteboard (8)
• Dig Digsby, You Have Good Reason to (7)
• Yahoo! Messenger Buddy Spy (6)

The file size limit for this application is about half the size of your RAM meaning the maximum file size on a computer with 1024 Megabyte of RAM is roughly 512 Megabytes. The author suggests to use True Crypt for large files instead. Multiple files and folders can be dropped on the dropzone which will then all be encrypted with the same encryption key. That’s right, you will be asked to enter an encryption key, a password, which you have to remember to decrypt the files again.

There is obviously no way to save the password in the application because it would make the whole process superfluous. The original file will remain untouched unless you check the option to securely erase source files once they have been encrypted or decrypted.

Another option might prove useful. You can add an entry to the right-click menu for faster access to the application. I really like the ease of use and think that Drag and Crypt Ultra could be a great asset for users who do not want to create a True Crypt container or Partition but still want to protect some of their files and folders.

Related posts

• True Crypt 6 released (3)
• Increase True Crypt AES performance (7)
• Encrypting an USB Drive with True Crypt (11)
• Scan Computer for password protected files (2)
• Zip Repair (3)

I could ask my friend and admit that I did not look into it yet and make myself look a little bit lost or try to find the file by myself. I naturally decided to try to find it on my own first and use my friend as a last resort.

The application that helped me find it was the Passware Encryption Analyzer, the free version of it to be precise. This tool scans the computer or selected folders / drives for encrypted or passworded files. It lists everything that is found in a table with information such as name, location, file type and date modified.

The software detects lots of different file types including archives, Microsoft Office documents that have been password protected but also other file types like pdf documents or Bestcrypt files.

The free version has the limitation that it is not able to recover the passwords but that should not be necessary most of the time.

Related posts

• True Crypt 6 released (3)
• Increase True Crypt AES performance (7)
• Encrypting an USB Drive with True Crypt (11)
• Drag and Crypt Ultra (2)
• Zip Repair (3)

The solution is a little bit complicated because you have to compile a source to get it to work. The benefit however is a much better performance of that algorithm which has been programmed in Assembler in comparison to the one programmed in C that True Crypt is using by default.

The increase is amazing. The bandwidth increases by about 20 MB/s from 66 MB/s to 85 MB/s on the system of the user who discovered it. It depends on the hard drive of course but everyone should see a gain in the end.

You will need the following to compile the algorithm source and True Crypt:

• Microsoft Visual Studio 2005 with SP1
• Microsoft Visual C++ 1.52
• Windows Driver Development Kit (DDK) Vista Build 6000
• YASM

You can read the full instructions in this thread. I was not able to locate a precompiled version of True Crypt with this faster AES algorithm yet. If anyone comes up with a trustworthy download source let me know. I unfortunately do not have Microsoft Visual Studio 2005.

Related posts

• True Crypt 6 released (3)
• Encrypting an USB Drive with True Crypt (11)
• Drag and Crypt Ultra (2)
• Scan Computer for password protected files (2)
• Ghacks Christmas Giveaway: DriveCrypt (86)

I don’t want to point out all of the valid reasons for encrypting a drive or partition with True Crypt other than pointing out some key elements such as privacy and theft protection.

You obviously need True Crypt for this guide, the latest available version for Windows is 5.0a. Download and install the software as usual and start it afterwards. The main True Crypt window will load and look like the following:

You obviously need to make some decisions before you continue. True Crypt can encrypt a partition or create an encrypted container on a hard drive. The choice is yours, I prefer to encrypt the whole partition. The benefits of using a container  are that some data of that drive is accessible without True Crypt. This guide will encrypt the full USB drive.

Click on the Create Volume button in the lower left corner. A window will appear asking about the type of volume that you want to create. The choices are to create an encrypted container, encrypt a partition / drive or encrypt the system partition (the one running Windows).

We are going to create a volume within a non-system device and check the second option in that screen. The next window gives us the choice to create a standard or hidden True Crypt volume. Hidden volumes are created in standard volumes. The reason is to give up only the standard password and not the password for the hidden volume when someone forces you. We are creating a standard volume therefor.

Now we are selecting the device that we want to encrypt, in my case the new USB drive. Next in the line are the encryption options. Which encryption and hash algorithm are you going to use. My selection was AES and SHA-512. You can run benchmarks in that window and get additional information about each algorithm. All algorithms are secure (unless someone proves otherwise, which has not happened yet)

The  Volume Password is probably the most important part.You access your files with it and if you happen to forget it your files are lost.Make sure you use a large string, something that is not a dictionary word and not a combination of them. You should also forget about using personal information like birthdays, names or places.

A password should be at least made of 20 characters and be made of upper and lower case chars, numbers and special chars. The maximum amount of chars is 64.

A keyfile can be created as well which then works in combination with the password. You get access to the encrypted hard drive only if you supply the keyfile and the password. The keyfile is simply a file on your computer which you select or generate during setup.

The drive will be formated in the end. You need to move your mouse randomly around the screen for some time to improve the quality of the encryption keys. The file system should and cluster size can remain as is unless you need them to be different. I’m using Quick Format since there have not been any files on the USB drive previously. The process is finished after this step. You need to mount the drive now to be able to use it.

Select a drive letter currently not assigned and  click on Select Device afterwards in the main menu. Now select the partition or drive that you have encrypted and click on ok.

Now click on Mount which opens up a password box where you have to enter the password that you have selected during setup. Click ok afterwards and work with the hard drive normally from there on if the password was correct. I was not able to experience any major slowdowns due to the encryption, everything runs smooth and solid and even large file transfers and many connections work as usual.

Related posts

• True Crypt 6 released (3)
• Increase True Crypt AES performance (7)
• Drag and Crypt Ultra (2)
• Securing your Pc with True Crypt (27)
• Scan Computer for password protected files (2)

What they did was to boot the computer from an USB drive that would load a RAM dumping program. Tests conducted by the University of Princeton showed that it took between seconds and minutes before data that was stored in RAM was completely erased. The RAM also vanished in a predictable manner.

It’s interesting to see that cooling the RAM down to minus 50 degrees prolonged the time the data was readable, it was clearly readable after ten minutes. It’s a very interesting video in my opinion.

If you never thought about using a BIOS password and disabling booting from USB devices and CD / DVD before you should start thinking about it right now. That is if you use disk encryption.

Related posts

• Increase True Crypt AES performance (7)
• Ghacks Christmas Giveaway: DriveCrypt (86)
• Software to defeat Disk Encryption released (3)
• Disk Encryption Software TrueCrypt 6.3 Released (4)
• True Crypt 6.1 Released (4)

Yet there was always the danger of temporary files, history records and the like that could give valuable clues to a possible attacker. This is no longer a point to worry about with System Partition encryption. This allows a user to encrypt his system partition, i.e. the partition or hard drive with Windows or another operating system on the fly so that no one may access the data on the system if he can’t provide the password during bootup.

True Crypt 5 adds a boot loader to the system which will ask for the password so that the system can boot. I’m planning to encrypt my whole system in the next few days. If you plan to do the same make sure you create a rescue disc to be on the safe side if something goes wrong.

Never had a problem with True Crypt in the entire years though. This major release has seen several other changes which are worth mentioning. True Crypt 5 is available for Mac OS X as well which means all major operating systems (Windows, Linux Mac) are supported right now.

The Linux version received a graphical user interface and the read / write speed was increased by up to 100% on Windows systems due to pipelined operations.

Last but not least a new algorithm was added and one removed. The SHA-512 hash algorithm replaced the SHA-1 algorithm).

What are you waiting for ? Go grab it now !

Related posts

• True Crypt 6 released (3)
• Securing your Pc with True Crypt (27)
• Increase True Crypt AES performance (7)
• Encrypting an USB Drive with True Crypt (11)
• Encrypt USB Drives (8)

It integrates itself seamlessly into the Windows Explorer context menu offering fast access to encrypting and decrypting functions. One interesting feature is to divide the password to decrypt files. It is for instance possible to save 50% of the password on a keydisk and 50% as a password that you have to remember. A file could only be decrypted if the keydisks would be accessible and if the correct password would be entered.

Another application would be to share the password between users which would mean that all users had to enter their part of the password to decrypt the file or folder that had been encrypted before.

Another interesting feature is the ability to wipe files and free disk space. If you want to make sure that “normal” users can’t recover files that you deleted you should use this option. Recovery tools like Recuva will not be able to recover files that have been wiped using this methods.

A pretty unique feature is the ability to change the algorithm that has been used to encrypt the files and folders. This could be useful if someone would have detected a method to defeat an algorithm to ensure the safety of the files.

Related posts

• My Encrypted Tunnel (1)
• Disk Encryption Software TrueCrypt 6.3 Released (4)
• ZoneScreen Finally Gets 64-bit Update (6)
• ZC DVD Creator Platinum [Free Full Version] (16)
• Youtube Videos Downloader TubeQueue (14)