Re: Folder encryption

Secure Home | Search | About

Lost Password?

Microsoft Applications Security

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject

Author

Date

Re: Folder encryption

Robin Colleen Moore

01-04-2007

Re: Folder encryption

Robin Colleen M...

01-04-2007

Re: Folder encryption

B-Man

01-04-2007

Re: Folder encryption

jwgoerlich

01-05-2007

Re: Folder encryption

jwgoerlich

01-05-2007

Re: Folder encryption

Alun Jones

01-05-2007

Re: Folder encryption

B-Man

01-05-2007

Re: Folder encryption

Alun Jones

01-08-2007

Re: Folder encryption

mozait

01-05-2007

Posted by Robin Colleen Moore on January 4, 2007, 2:24 am

If you were Registered and logged in, you could reply and use other advanced thread options

> The program PGP? Dunno I don't use it.

I don't think even the freeware PGP can create an encrypted folder on
Windows XP.

At best, I think, the freeware PGP can encrypt a folder and its contents to
an encrypted file, but the use model everyone wants is a folder that works
like a normal folder but any file put in it can only be "taken out" in a
session where the password is supplied at least once during that session.

I'll try the other suggestions and let you know if they supply an encrypted
folder. The freeware "Cryptainer LE" suggestion looks promising but it uses
128 bit blowfish encryption. That name alone scares me.

Is "128 bit blowfish" encryption secure?

Robin

On Tue, 2 Jan 2007 21:55:04 -0600, ellis_jay wrote:

> Robin Colleen Moore wrote:

>> On Tue, 2 Jan 2007 12:57:14 -0600, ellis_jay wrote:

>>> co10 wrote:

>>>> I have a folder on my computer that I wish to

>>>> restrict access, and to restrict access in DOS, Safe Mode etc.

>>>> Can anyone recommend any freeware for the job.

>>> English version of AFS

>>> http://www.osborn-software.net/

>> This AFS recommendation sounded useful except I looked up the

>> Advanced File Security freeware program at and it says on the FAQ

>> that AFS can't encrypt folders.

>> From the AFS FAQ http://www.osborn-software.net/afs3_faq_frame.html

>> Q: Can I prohibit access to folders with AFS?

>> A: No, AFS can't prohibit the access to folders.

>> Because folder access rights are dependend from the operating

>> system and so the only possibilty to grant authorized access is

>> encryption.

> I forgot about that. And I use the program...mybad...

>> Alas, it would be nice to have one folder with automatic encryption to

>> store confidential files. Do you think PGP will automatically encrypt

>> and decrypt access to a folder instead?

> The program PGP? Dunno I don't use it.

Posted by Robin Colleen Moore on January 4, 2007, 3:34 am

If you were Registered and logged in, you could reply and use other advanced thread options

On Thu, 04 Jan 2007 08:01:36 GMT, Father Guido wrote:

>>Is "128 bit blowfish" encryption secure?

> Blowfish is a good encryption method.

Thanks.

By the way, WATCH OUT for that #5 suggestion in this thread!

Given that the "Cryptainer LE" freeware folder encryption is limited to 25
Mb, and given that the version 3.03 download of InstantLockLite seems to
actually be the version 2.5 shareware, I'm testing the third
recommendation:

#5 of http://www.freedownloadscenter.com/Search/folder_lock.html
which is Secrecy File and Folder Hider 2.4.0.0
http://www.freedownloadscenter.com/Utilities/File_Cataloging_Utilities/Secrecy_File_and_Folder_Hider.html
whose homepage is http://www.secrethider.com/

However, when you install this "secrecy file and folder" supposed
"freeware", you must accept TWO agreements! One called "User License
Agreement" to install the software and ANOTHER one to agree to something
called "New.net Domains Terms and Conditions" (but you can't agree unless
you're 18 years or older). Huh?

These conditions scare me (do they scare you?).

For example, they say:
"The primary functions of New.net Domains are enabled by the
installation of certain software components in the Winsock
Layered Service Provider (LSP) stack of your computer.
LSP components must be installed and removed properly;
otherwise, you can lose your Internet connection."

Would YOU agree to this "New.net Domains" additional agreement (which
apparently installs something into your browser address bar whether or not
you want it to which they explain by saying "New.net Domains overrides any
competing applications with similar functionality such as Internet
Explorer.".

Huh? Is this Secrecy File and Folder Hider really freeware or is it a
trojan masquarading as freware?

Posted by B-Man on January 4, 2007, 4:01 pm

If you were Registered and logged in, you could reply and use other advanced thread options

if you want to use Cryptainer i would be glad to email you a free serial as
i have ALOT i had 10 computers in my residence and they have since become
too old to even bother booting

the serial would give you Cryptainer PE which has a virtual drive size limit
of 25GB and 448bit Blowfish ( yes blowfish is a secure ENCRYPTION ALGORITHM
not tropical dinosaur )

please email me for this code if you wish,
Brian M

>> The program PGP? Dunno I don't use it.

> I don't think even the freeware PGP can create an encrypted folder on

> Windows XP.

> At best, I think, the freeware PGP can encrypt a folder and its contents

> to

> an encrypted file, but the use model everyone wants is a folder that works

> like a normal folder but any file put in it can only be "taken out" in a

> session where the password is supplied at least once during that session.

> I'll try the other suggestions and let you know if they supply an

> encrypted

> folder. The freeware "Cryptainer LE" suggestion looks promising but it

> uses

> 128 bit blowfish encryption. That name alone scares me.

> Is "128 bit blowfish" encryption secure?

> Robin

> On Tue, 2 Jan 2007 21:55:04 -0600, ellis_jay wrote:

>> Robin Colleen Moore wrote:

>>> On Tue, 2 Jan 2007 12:57:14 -0600, ellis_jay wrote:

>>>

>>>> co10 wrote:

>>>>> I have a folder on my computer that I wish to

>>>>> restrict access, and to restrict access in DOS, Safe Mode etc.

>>>>> Can anyone recommend any freeware for the job.

>>>

>>>> English version of AFS

>>>> http://www.osborn-software.net/

>>>

>>> This AFS recommendation sounded useful except I looked up the

>>> Advanced File Security freeware program at and it says on the FAQ

>>> that AFS can't encrypt folders.

>>>

>>> From the AFS FAQ http://www.osborn-software.net/afs3_faq_frame.html

>>> Q: Can I prohibit access to folders with AFS?

>>> A: No, AFS can't prohibit the access to folders.

>>> Because folder access rights are dependend from the operating

>>> system and so the only possibilty to grant authorized access is

>>> encryption.

>> I forgot about that. And I use the program...mybad...

>>>

>>> Alas, it would be nice to have one folder with automatic encryption to

>>> store confidential files. Do you think PGP will automatically encrypt

>>> and decrypt access to a folder instead?

>> The program PGP? Dunno I don't use it.

Posted by on January 5, 2007, 8:36 am

If you were Registered and logged in, you could reply and use other advanced thread options

Hello Robin,

I am late to this thread and, since I do not see the entire
conversation, am likely missing a few details. My apologies if I repeat
anything.

The first question that pops into my mind is why you are looking for a
3rd party encryption utility? Windows XP comes with built-in
encryption. This is Encrypting File System (EFS). I use it all the time
and it works well.

> Is "128 bit blowfish" encryption secure?

Relatively, yes. Blowfish is an older symmetric block cipher. EFS uses
Advanced Encryption Standard (AES), which is also symmetric cipher. AES
is newer than Blowfish and has a larger key space (256 versus 128). As
a general rule, the larger the keyspace, the more secure the
encyrption.

> What does it mean to disable Windows data execution protection?

I would be very wary of disabling DEP, as you are weakening your
overall security posture.

>From Microsoft: "Data Execution Prevention (DEP) is a set of hardware

and software technologies that perform additional checks on memory to
help prevent malicious code from running on a system. ... DEP can help
block a class of security intrusions. Specifically, DEP can help block
a malicious program in which a virus or other type of attack has
injected a process with additional code and then tries to run the
injected code."

Regards,

J Wolfgang Goerlich

Related Links:

Best practices for the Encrypting File System
http://support.microsoft.com/kb/223316

A detailed description of the Data Execution Prevention (DEP) feature
http://support.microsoft.com/kb/875352

Posted by on January 5, 2007, 8:36 am

If you were Registered and logged in, you could reply and use other advanced thread options

> Is "128 bit blowfish" encryption secure?

> What does it mean to disable Windows data execution protection?

I would be very wary of disabling DEP, as you are weakening your
overall security posture.

>From Microsoft: "Data Execution Prevention (DEP) is a set of hardware

Similar Threads	Posted
Re: Folder encryption	January 4, 2007, 2:30 am
Re: Folder encryption	January 4, 2007, 2:39 am
Re: Folder encryption	January 4, 2007, 2:48 am
Re: Folder encryption	January 4, 2007, 4:38 am
Re: Folder encryption	January 4, 2007, 4:56 am
Re: Folder encryption	January 4, 2007, 5:16 am
Re: Folder encryption	January 4, 2007, 5:33 am
Folder encryption	February 27, 2008, 11:09 am
Re: File/Folder encryption - Compliancy with PCI	November 24, 2005, 11:21 am
File/Folder encryption - Compliancy with PCI	September 28, 2005, 5:31 am

The site map in XML format XML site map