Actually I'm still not very happy with it... I just noticed it increased the executable size a little bit too much to my liking. But I will try to forget about it and focus on more important things for a while.
I can see a "deniable output"-button which is disabled at the moment, but i guess it will be enabled soon. It is mentioned on the website:
It seems that a newer version is available On the website is mentioned 1.009.201 but after a download it is a newer version: 1.009.211
Sorry, web page updated. SHA256 for 1.009.211: 1cc9bc7090ccdeb47ca0d5be5357d759c26b006704136266d5b11968eb489aee
I like this, very much. I was using an anonymous text file, but this is a dream come true! One suggestion only, if the search bar could actually take us to the desired string? Please? FWIW, change "whicheverfile.dat" to "whicheverfile.dut", click "Open" and let Windows associate Cobbler with ".dut"
Thanks for your feedback, glad you like it. Try hitting F3 to cycle through search results. (Making this more intuitive is on my to-do list)
New version available: 1.009 build 215. SHA1: 221f33ffe7afd27277476cf544f942e4b681210d SHA256: d288eab3a8afefe47220a06b4946f0c0a0e8fe476236bc4e2f344a175cc95bcb One major internal enhancement: Cobbler now erases its entire writable memory space upon termination, to ensure that no sensitive data ever remains in RAM after exiting the application. This is something that very few other applications implement properly (or at all).
I noticed that Cobbler is launching another instance upon termination. I guess the new instance is responsible for erasing of the memory space (of the parent process)?
Good guess! A process cannot fully overwrite its own address space, so a second dedicated process is launched to do the job properly. If people are interested, in a later post I will elaborate on why this feature is important and how to test that it's working as advertised.
New version available: 1.009 build 216. Fixes a minor issue with the password generator. SHA1: 44723fdd6cd1cb8610335ebd05efaf7f93f22be8 SHA256: 4a7ae9fb54db38303a8204c630c09208f90b848d06de2342f50645a1f518cc3a
Not sure which forum this should be in but I'm sure somebody will put me right. Just started to use Cobbler on Windows 7 desktop & Windows 10 laptop both with Avast Anti-virus installed. Encrypted a file satisfactorily but on de-encryption, screens went blank, my encrypted file & downloaded .exe file were deleted & Avast messaged that a threat had been blocked, both on desktop & laptop. Tried to download .exe file again (several times), but keep getting " Failed - Insufficient permissions" Any guidance would be greatly appreciated.
OK, Avast can get a bit too enthusiastic occasionally. Some surgery is advised. These cuts need not be permanent, but they should get you out of the current trouble. 1.) Disable all shields except File Shield. 2.) Set an exception in Avast for your download folder. 3.) Set an exception in Avast for your Cobbler installed path--where you dropped it in C:\. This exception may have to be permanent. 4.) Make a brand new extension for your encrypted files. This will involve a Registry hack in HKCR, you will need to make a key for the new extension. 5.) Set an exception in Avast for the new extension.This exception may have to be permanent. You should now be able to download Cobbler without hassle, drop it into its new home and start it up. 6.) Now associate Cobbler with your new extension. 7.) Remove the exception from the download folder. Make your new repository using a text editor, save it as {the new extension} and open it with Cobbler once you've worked out your master key for the file. Don't lose the master key, make it memorable. Done. I don't know your security needs or wants. I use only File Shield in Avast, or any other AV. You do need to know that if you use Web Shield, Avast will insert its own Certificates into the chain, effectively performing a MITM attack. There is an intense debate over the need for this tactic. You may also want to work out if you need the Mail Shield, which is primarily needed for MS email systems, especially Outlook variants. It is not needed for any email client which does not encrypt or database its attachments. You may want to look in Avast Virus Chest for your deleted copy, but definitely put the exception in place before you Restore.
Looks like Avast is making an incorrect detection again... Can you see if you get the same alerts with this test build? https://www.trustprobe.com/fs1/cobbler_beta.exe SHA256: 1242cdd413169252be3d7c6e89af63bbe698b2c963f5be6fbf608c23d319332c
The test build is much smaller. I think you did some magic 993.280 bytes vs. 203.264 bytes. I couldn't resist to analyze it , and i see that some resources were removed from the executable. That could be one reason for the smaller size.
Nice observation. I've always hated bloat so I'm trying to get rid of a few dependencies. However there are some issues (edge cases) that still need to be fixed before this can go live.
Very good. I have not launched it yet (because it is a test version), but i'm looking forward to the next (and smaller) version.
I tried it out, but the file was too small to hold all my sites & passwords & notes. Why limit it? I do hope you are compressing then encrypting.
@svenfaw I was not aware that it has a size limit, only after looking at the titlebar: If the container is too big to be saved (and the user might loose added content), can there be an additional warning message (or something similar) if the user wants to close it?
Because the Cobbler container structure was designed to avoid leaking *any* sensitive information (including the amount of actual content present), container size is fixed. It also has no specific headers and is indistinguishable from perfect (8.0 Shannon entropy) noise, by the way. The current version of Cobbler does not compress data before encryption. This feature is already under development, though, and should be pushed live soon. I do realize that the 32KB limit is rather low. A paid version of Cobbler will offer higher capacity as well as a few extra features. Details and release date are still undecided. In the meantime, a 64KB version is available to donators who request it.
svenfaw said Looks like Avast is making an incorrect detection again... Can you see if you get the same alerts with this test build? https://www.trustprobe.com/fs1/cobbler_beta.exe SHA256: 1242cdd413169252be3d7c6e89af63bbe698b2c963f5be6fbf608c23d319332c Thanks for response svenfaw, just catching up with this after a brief spell away. OK, tried to access the test build you suggested but got an Error 404 message with following comment, “Not Found The requested URL /fs1/cobbler_beta.exe was not found on this server.” Any further advice apart from using a different AV
