If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
encrypt folder, recommendations?
I am going to install a crypto wallet on my w7 ult, and want to encrypt
the folder it lives in. Are there any open source encryption packages that will let me encrypt individual folders, or even individual files, that anyone can recommend? |
Ads |
#2
|
|||
|
|||
encrypt folder, recommendations?
On Fri, 20 Apr 2018 18:26:12 -0700, Mike S wrote:
I am going to install a crypto wallet on my w7 ult, and want to encrypt the folder it lives in. Are there any open source encryption packages that will let me encrypt individual folders, or even individual files, that anyone can recommend? "Magic Folders" |
#3
|
|||
|
|||
encrypt folder, recommendations?
Mike S wrote:
I am going to install a crypto wallet on my w7 ult, and want to encrypt the folder it lives in. Are there any open source encryption packages that will let me encrypt individual folders, or even individual files, that anyone can recommend? Windows 7 Ultimate should have EFS = Encrypted File System (requires using NTFS) If you use EFS, make damn sure you setup a recovery agent. There is no backdoor, so if you forget the password (your Windows login) then the data is lost forever. Obviously you must have a non-blank Windows login for EFS to have something with which to encrypt. https://www.tomsguide.com/us/encrypt...ews-18314.html I've lost data because of having to rescue or replace a failed HDD, installed a fresh copy of Windows, but lost access to the EFS-encrypted files on another HDD. The same login doesn't work. A secure hash is saved in a protected section of the registry (cryptohive) and it is unique to the instance of Windows under which it was created. That's why you need to assign a recovery agent. I didn't so I lost the EFS files. I later moved to TrueCrypt. While it can be used for whole-disk encryption (but only in BIOS/MBR setups, not with UEFI/GPT - although the Veracrypt variant is supposed to support UEFI), I only use it to create encrypted containers. What folder hierarchy you create in the TC container is your choice, just like however you create folders and subfolders in the regular file system. You use TC to mount the container. You are prompted for the password. After mounting, access no longer requires a password until the volume gets unmounted. If you get TrueCrypt, do NOT get it from the old Sourceforge site. When the authors abandoned the program (or were forced to leave after deciding not to get forced into adding a backdoor by the US gov't), they crippled TC so it was read-only. You could used the last version to mount and read previously created TC containers but not created new ones. The last full-featured version of Truecrypt was 7.1a. There are newer variants of Truecrypt, like Veracrypt (also free). As I recall, Bestcrypt Traveller (and only that edition) is also free. Since you are creating an encrypted archive file using TC, it is portable. Move it anywhere and use TrueCrypt there to mount and access that encrypted container. You aren't stuck into a particular instance of Windows which is what happens when using EFS. |
#4
|
|||
|
|||
encrypt folder, recommendations?
Mike S wrote:
I am going to install a crypto wallet on my w7 ult, and want to encrypt the folder it lives in. Are there any open source encryption packages that will let me encrypt individual folders, or even individual files, that anyone can recommend? If you have an image program like Acronis then image the folder with a password and then delete the original. Restore from image when you need it. -- Zaidy036 |
#5
|
|||
|
|||
encrypt folder, recommendations?
On Fri, 20 Apr 2018 18:26:12 -0700, Mike S wrote:
I am going to install a crypto wallet on my w7 ult, and want to encrypt the folder it lives in. Are there any open source encryption packages that will let me encrypt individual folders, or even individual files, that anyone can recommend? My opinion is to use simple, safe and proven TrueCrypt to create an encrypted volume which your machine treats as another drive. It eliminates having to have untrusted and separate programs for files and folder encryption. As far as I'm concerned, I trust none of the newer encryption methods. TC is proven. Period. TC will NOT work with UEFI bios. I learned that the hard way by blowing my Windows 7 Ultimate machine by trying it. Luckily I had everything backed up with the Windows 7 backup utility plus a repair disk. I regained everything through foresight. Why didn't I use Redmond's BitLocker? You're kidding, right? Everything I've read so far says VeraCrypt does not work with UEFI. I could be wrong. But VeraCrypt is much too new to be trusted. It hasn't been through the government wars yet, as has TC. I also read of multi problems in the forums. Go with a TC volume. Full disk encryption is much better, but it's a pain in the butt to keep your drive backed up. That's for more knowledgeable users. Just my opinion after years of using TC on my older Windows machines. |
#6
|
|||
|
|||
encrypt folder, recommendations?
On Sat, 21 Apr 2018 15:11:54 -0000 (UTC), Zaidy036 wrote:
Mike S wrote: I am going to install a crypto wallet on my w7 ult, and want to encrypt the folder it lives in. Are there any open source encryption packages that will let me encrypt individual folders, or even individual files, that anyone can recommend? If you have an image program like Acronis then image the folder with a password and then delete the original. Restore from image when you need it. -- Zaidy036 I would never trust a program that has encryption simply as an add-on. Acronis has had many problems in recent years. Many complaints in the forums. That's why I still use a much older version. Just because an outfit says their program contains encryption is no guarantee of how well that encryption has been implemented. Simply using some AES,or whatever encryption template code means little. Many so-called encrypted proggies have been broken because of poor implementation. In encryption, reputation - gained over a good deal of time, and battles with hackers, private and government ones, are to me the sole criterion by which an encryption program can be trusted. However, how much security you really need is really dependant on the importance of what info you are trying to protect. That's your call. |
#7
|
|||
|
|||
encrypt folder, recommendations?
On Sat, 21 Apr 2018 09:38:01 -0500, VanguardLH wrote:
If you get TrueCrypt, do NOT get it from the old Sourceforge site. When the authors abandoned the program (or were forced to leave after deciding not to get forced into adding a backdoor by the US gov't), they crippled TC so it was read-only. You could used the last version to mount and read previously created TC containers but not created new ones. The last full-featured version of Truecrypt was 7.1a. There are newer variants of Truecrypt, like Veracrypt (also free). I've been using VeraCrypt for several years, and I recommend it. It can read and write TrueCrypt volumes, but it can't create TrueCrypt volumes. I don't know the technical details of the differences between a TrueCrypt volume and a VeraCrypt volume, but I imagine they include a fix for the security hole that was found in TrueCrypt when its code was audited. Wikipedia seems to disagree with my memory about a security hole being found in audit: https://en.wikipedia.org/wiki/Truecrypt Probably Wikipedia is right and I'm wrong. Maybe I have a distorted memory of the anonymous TrueCrypt authors' claim that TrueCrypt contained security problems. Anyway, VeraCrypt works like TrueCrypt, and it's free. -- Stan Brown, Oak Road Systems, Tompkins County, New York, USA http://BrownMath.com/ http://OakRoadSystems.com/ Shikata ga nai... |
#8
|
|||
|
|||
encrypt folder, recommendations?
On Fri, 20 Apr 2018 18:26:12 -0700, Mike S wrote:
I am going to install a crypto wallet on my w7 ult, and want to encrypt the folder it lives in. Are there any open source encryption packages that will let me encrypt individual folders, or even individual files, that anyone can recommend? Isn't the "crypto wallet" already encrypted? -- Stan Brown, Oak Road Systems, Tompkins County, New York, USA http://BrownMath.com/ http://OakRoadSystems.com/ Shikata ga nai... |
#9
|
|||
|
|||
encrypt folder, recommendations?
On Sat, 21 Apr 2018 10:46:44 -0500, wrote:
My opinion is to use simple, safe and proven TrueCrypt VeraCrypt, you mean. https://en.wikipedia.org/wiki/Truecrypt -- Stan Brown, Oak Road Systems, Tompkins County, New York, USA http://BrownMath.com/ http://OakRoadSystems.com/ Shikata ga nai... |
#10
|
|||
|
|||
encrypt folder, recommendations?
On Sat, 21 Apr 2018 14:58:44 -0400, Stan Brown wrote:
On Sat, 21 Apr 2018 10:46:44 -0500, wrote: My opinion is to use simple, safe and proven TrueCrypt VeraCrypt, you mean. No, I didn't mean VeraCrypt. I meant what was posted - TrueCrypt. VeraCrypt is unproven until Uncle Sam and lesser jurisdictions go after it and fail, and then have to try to get it opened by court order. That's the story of TrueCrypt. Until then, I trust TrueCrypt, not VeraCrypt. My info, my choise. |
#11
|
|||
|
|||
encrypt folder, recommendations?
On Sat, 21 Apr 2018 14:57:03 -0400, Stan Brown wrote:
On Sat, 21 Apr 2018 09:38:01 -0500, VanguardLH wrote: If you get TrueCrypt, do NOT get it from the old Sourceforge site. When the authors abandoned the program (or were forced to leave after deciding not to get forced into adding a backdoor by the US gov't), they crippled TC so it was read-only. You could used the last version to mount and read previously created TC containers but not created new ones. The last full-featured version of Truecrypt was 7.1a. There are newer variants of Truecrypt, like Veracrypt (also free). Edited Out Wikipedia seems to disagree with my memory about a security hole being found in audit: https://en.wikipedia.org/wiki/Truecrypt Probably Wikipedia is right and I'm wrong. Maybe I have a distorted memory of the anonymous TrueCrypt authors' claim that TrueCrypt contained security problems. The so called security hole found in TrueCrypt was of no consequence. Read the report. The CIA, FBI, and local police have had to go to court to open up someone's TrueCrypt disk. One time, an ex-husband supplied the password to his ex-wife's encrypted drive. That's the only way the feds broke it. TrueCrypt has not ever been hacked - unless your password might be the name of the family pooch. Some people are that stupid. Use a passphrase created with Diceware and you won't have to worry about TC being hacked. The real question oncemore is simply how important is your info, and how many people would really give a dang about trying to get it? That'll determine how absolutely sure you have to be about it being safe. However, TC volumes are so easily created and backed up, it's a no-brainer as far as I'm concerned, even for simple non-important "secret info". Just an opinion. -- Stan Brown, Oak Road Systems, Tompkins County, New York, USA |
#13
|
|||
|
|||
encrypt folder, recommendations?
On 4/21/2018 11:58 AM, Stan Brown wrote:
On Fri, 20 Apr 2018 18:26:12 -0700, Mike S wrote: I am going to install a crypto wallet on my w7 ult, and want to encrypt the folder it lives in. Are there any open source encryption packages that will let me encrypt individual folders, or even individual files, that anyone can recommend? Isn't the "crypto wallet" already encrypted? I want another layer. |
#14
|
|||
|
|||
encrypt folder, recommendations?
mel wrote:
TC will NOT work with UEFI bios. I learned that the hard way by blowing my Windows 7 Ultimate machine by trying it. Luckily I had everything backed up with the Windows 7 backup utility plus a repair disk. I regained everything through foresight. To be accurate, Truecrypt won't work when used for whole-disk encryption on a UEFI computer. It still does work when creating .tc containers holding the encrypted files. Why didn't I use Redmond's BitLocker? You're kidding, right? Again, whole-disk encryption. The OP only wanted to protect the contents of a folder, not the whole disk. As I recall, the vulnerability in Bitlocker wasn't in the program but in the TPM chip in the computer. So I did a search to check. https://www.softcat.com/news/tpm-vul...tion-impacted/ https://support.microsoft.com/en-us/...ability-in-tpm Everything I've read so far says VeraCrypt does not work with UEFI. I could be wrong. Yep, you're wrong. It's Truecrypt that won't work with UEFI but only if you use TrueCrypt for whole-disk encryption. But VeraCrypt is much too new to be trusted. It started with the TrueCrypt code (because it was open source). The audits found some weaknesses or deficiencies. As I recall Veracrypt only addressed some of them, like 6 out of 22. One was to support UEFI. How long was it before TrueCrypt got any auditing? 11 years. How many open source programs ever get audited? Being open source means they are open to inspection but they rarely get inspected by an independent 3rd party plus you have to assume the compiled executable used the open source code that could be reviewed. Veracrypt got audited 3 years after they adapted TC; see: https://www.zdnet.com/article/veracr...ritical-flaws/ "VeraCrypt 1.8 and its bootloaders contained a total of eight critical vulnerabilities, three medium flaws and 15 additional bugs of low importance." "The majority of these problems have been fixed in VeraCrypt 1.19" "The remaining problems present have all come from the days of TrueCrypt, and fixing them at the moment could cause issues with backward compatibility." Unlike the TC authors who remained anonymous and were slow to make changes and disappeared after the first audit and weren't around after abandoning TC (and made it read-only) before the 2nd audit, Veracrypt is a lot more responsive to fixing their product. IDRIX inherited the problems found in TC. Go with a TC volume. Full disk encryption is much better, but it's a pain in the butt to keep your drive backed up. That's for more knowledgeable users. Unless you are programming new software that needs to be protected, why do you need whole-disk encryption for programs that aren't yours and that anyone can get? Just my opinion after years of using TC on my older Windows machines. The problem with TC, BestCrypt, VeraCrypt, and other tools creating container files with encrypted data is that they possess static protection. While the files are inside, they are very secure. When you mount the container and open any files therein is when you lose security due to buffers in memory, pagefile, and other artifacts in opening and accessing the contents of files. In situ, the files are safe. In use, they aren't so secure anymore. That's probably why some users go to using whole-disk encryption; however, memory gets reallocated, pagefile can be wiped on shutdown, and so on to placate the paranoids of which most don't have anything they really need to secrete from a gov't but perhaps from a business competitor. |
#15
|
|||
|
|||
encrypt folder, recommendations?
In message , Zaidy036
writes: Mike S wrote: I am going to install a crypto wallet on my w7 ult, and want to encrypt the folder it lives in. Are there any open source encryption packages that will let me encrypt individual folders, or even individual files, that anyone can recommend? If you have an image program like Acronis then image the folder with a password and then delete the original. Restore from image when you need it. (Regardless of whether you consider the encryption in Acronis or whatever to be any good the "delete" in the above would be "delete with extreme prejudice", i. e. use one of the many utilities that overwrite. (With modern drives I don't think you'll need multiple overwrites.) Plus what (ITIW) VanguardLH said about buffers, pagefiles, etcetera. -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf What's awful about weird views is not the views. It's the intolerance. If someone wants to worship the Duke of Edinburgh or a pineapple, fine. But don't kill me if I don't agree. - Tim Rice, Radio Times 15-21 October 2011. |
|
Thread Tools | |
Display Modes | Rate This Thread |
|
|