does anybody use this free encryption program

Discussion in 'privacy technology' started by Chuck57, Sep 27, 2007.

Thread Status:
Not open for further replies.
  1. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    http://www.ce-infosys.com/english/downloads/free_compusec/index.html

    I found reference to it in another thread, and it looks pretty impressive for free. I'm guessing it's an older version, but it does 'seem' to offer a lot. I've never used this stuff but am interested in playing with it.

    From their website:

    * This software is FREE for both Professional Business use as well as
    Personal use.
    * Hotline support and maintenance contracts are available.
    * Worldwide support is available through CE-Infosys and our partners.
    * Supports Window Vista, Windows XP, Window 2003, Window XP Tablet Edition & Windows 2000.
    * A FREE version for Linux is now available.

    Function overview of the FREE CompuSec® Software Version:

    * Pre boot access control
    * Encryption for Hard disk using 256-bit AES algorithm and in hibernation mode
    * Encryption for CD / DVD for secure publishing and sharing of CD data using CDCrypt
    * Encryption for Diskettes and Removable Media Devices such as ZIP drives, USB thumb drives or Memory sticks
    * Encryption of Individual Files or data transmitted via Email and FTP using new DataCrypt
    * Encryption of Server Files & Subdirectories using SafeLan
    * Single-Sign-On at Windows
    * Identity Management for password encryption, policy database query, and supports BioClick for secure transactions based on fingerprint recognition
    * Local and Central Administration
    * [ClosedTalk]® for secure VoIP communication
    * Intergrated support for Tablet PC
    * [DriveCrypt]® for container encryption
    * Centralised management with Audit Log and Remote Challenge/Respond for password reset.**

    I also found this, so wonder if that means removing my Paragon partition.

    Please Note:
    1.
    [ClosedTalk]® - Secure Voice Communication function is only available for Microsoft Windows user.
    2.
    FREE CompuSec® does not support third-party boot loaders. Please remove them prior to FREE CompuSec® installation.
    3.

    Upon installation of FREE CompuSec®, you should not use any hard disk partitioning software on your PC. Failure to do so will result in a non-bootable PC as FREE CompuSec® loader might be altered.
    4.
    Existing users of FREE CompuSec®:
    Currently no direct upgrade process is available from v4 to v5. Users are required to decrypt all the hard disk and uninstall current version first before installing FREE CompuSec® v5.
    5.
    CDCrypt supports CD/DVD burning built-in utility on Windows XP and Nero software only. FREE CompuSec® v5 does not support CDCrypt component currently.
     
  2. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    No, but 24MB+ ?

    The zipped version of Blowfish Advanced CS, is only 614KB and does
    all one really needs:-

    http://www.lassekolb.info/bfacs.htm

    http://www.hotpixel.net/software.html

    Blowfish Advanced CS 2.57

    One powerful file encryption and security tool for the Windows platform. As the successor of highly successful BFA97, Blowfish Advanced CS offers a bunch of new and improved features which are:
    Blowfish, Twofish, AES, RC4, TDES, Serpent, CAST
    Strong key support, handling and cryptography
    Fast: encrypts megabytes of data per second
    Data compression using LZSS, deflate and BZIP2
    Secure wiping of files and clearing of empty disk space
    Comfortable user interface with built-in file browser
    Easy working with encrypted files
    Complete integration into Windows Explorer
    Automation of daily routines by using job files
    Dozens of options to finetune the application
    Small: fits on half of the space of a floppy disk!
    Trustworthy: the complete source code is available
    Quick language switch (German and English)
    Runs on all Win32 versions, from 95 to Vista
    Personal Edition without any restrictions!

    and more ... eg. Deslack (The unused space in the last cluster of a file is called slack and may contain (sensitive) data from deleted files.)

    Regards.
     
  3. TVH

    TVH Registered Member

    Joined:
    Aug 9, 2007
    Posts:
    227
    Dont forget truecrypt. I reckon its the best encryption software available and its open source and free.
     
  4. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Thanks, guys. I have no need for any of it, other than to learn a new thing. Anybody who tries to snoop my computer really needs to get a life. I keep nothing of a sensitive nature such as banking or credit card info, etc on it. Nor do I visit the darker side of the web or download anything of that nature.

    I'll have to take a look at TrueCrypt and Blowfish and fool with them. Hopefully, I won't screw up and lock myself out of my computer.
     
  5. waldovanlaeken

    waldovanlaeken Registered Member

    Joined:
    Jul 11, 2007
    Posts:
    35
    Location:
    Belgium

    ~Snip~ Unnecessary comment removed. - Ron The post starter is talking about FULL disk encryption , and you are talking about a simple "right click" shell extension encryption freeware ?
     
    Last edited by a moderator: Oct 4, 2007
  6. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    i've used CompuSec in the past, about 3 years ago, and it worked OK from what i remember. the biggest problem was getting to the desktop the first time you use it because it used a very complicated password system, but once you've booted up a couple of times it makes sense. however, if you don't work it out you have to reformat your hard drive and start again as it encrypts the whole HDD.

    one thing about whole HDD encryption is you can't image your HDD because everything is scrambled, and i think i remember you have to disable all real-time malware scanners while you do the install.

    it might be good for a laptop, but i have no idea what a crypto expert would think of it.
     
  7. wraithdu

    wraithdu Registered Member

    Joined:
    Jul 22, 2007
    Posts:
    21
    I just installed this last night on my crappy old laptop. I didn't have any problems logging in or getting to the desktop, or getting the system drive encrypted. Of course I read a bunch of forum posts on it first, and payed good attention as I installed it. It uses AES-256 now, so it should be just as secure as other products.

    I do have some pros and cons.

    Pros -
    I like the other parts of the program besides the HD encryption. DataCrypt is good for shared key file encryption. SafeLan is cool for securing network shared drives, and the removeable device / CDCrypt options are also pretty neat.

    Cons -
    Recovery is hard!! Every recovery solution involves removing the harddrive and installing it in another host PC that has CompuSec installed with the original encryption keys from the other drive. That means you have to have a backup of your SecurityInfo.dat file. If you don't, forget about it.

    There is no easy way to recover from a messed up or overwritten MBR. If you happen to restore the original MBR or use some other program that modifies it (and you are warned against this) and lose the CompuSec login, then you have to follow a complete recovery with another host PC to decrypt the drive. There's no way to restore the CompuSec MBR unless you've made a backup with a tool like MBRTool (nothing is provided by the author to do this). You can use some emergency tools, such as emergency decryption, but the MBR must not be damaged.

    I contrast this to something like DriveCrypt Plus Pack, which has a great emergency repair CD. You can restore either the original or the DCPP MBR and do emergency decryption. It's much greater peace of mind for me. However DCPP costs a lot and lacks some of the other features of CompuSec.

    If you want the best of both worlds, I would say use DCPP for the drive encryption, and just install the other goodies of CompuSec if you need them.
     
  8. testsoso

    testsoso Registered Member

    Joined:
    Feb 10, 2007
    Posts:
    137
    yes i had problem with this one v5.1, after install and encrypt my HD, i booted, after the windows login screen apeart, i couldn't login to my acount, the windows will immediately log me out, after login. finally i made a emergency decrypt, and than every thing returnd to nomal.

    does anyone has idea what was wrong?
     
  9. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,634
    Location:
    U.S.A. (South)
    Thats why these scrambling disk/data programs trouble me greatly. If something goes wrong, even the slightest something, you just as well reformat and lose everything you intended to protect in the first place.

    I dunno any dependable encrypting/scrambling program aside from MAYBE true crypt and have read positive results from users of it, but then this is a very sensitive area to deal with since Humpty-Dumpty needs to be recreated again with everything in order.

    These apps i am very skeptical of if they are really worth such a risk, especially encrypting an entire hard drive.

    I dunno, someone tell me.
     
  10. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Encryption is the only solution against thieves. In the age of mobile computing, this is a very real risk.
     
  11. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,634
    Location:
    U.S.A. (South)
    I must agree with that sentiment.

    It seems the only way by far to effectively and systematically scramble machine/system code completely enough in a manner that affords the most effort to again recombine the puzzle to human readable form.

    After some afterthought and with some free time on hand i've D/L'd CompuSec free myself to have a play at it, but being the skeptic i am when it comes to encryption programs i'll have to see real results before i become convinced it can be trusted to not permanantly lose a users data.
     
  12. Justin Troutman

    Justin Troutman Cryptography Expert

    Joined:
    Dec 23, 2007
    Posts:
    226
    Location:
    North Carolina, USA / Minas Gerais, BR
    Cryptographic incompetence.

    I would steer away from DriveCrypt; if their marketing jargon is indicative of their cryptographic competence, the situation looks pretty bleak. Overall, I'm not optimistic about there being any cryptographers behind the scene.

    You really don't have to read any further than "1344 Bit Military Strength." "Military strength" and "military grade" are two things you've seen before, I'm sure, but neither have any meaning. Completely meaningless. I question the competence of anyone that resorts to using either. This, coupled with the ridiculously large key length (without any sensible rationale), is enough to discount their product, but I'll keep going. I'll stick to pointing out problems with just this quote, although I have other, equally important, concerns.

    The first problem is cramming in a horde of block ciphers. One might think that more options mean more security, but it's quite the contrary. More options mean more complexity within the implementation, and when cryptography fails, in practice, this is usually where it happens - the implementation. There's solid cryptographic reasoning for using the AES alone. That reason being, as a standard, it's receiving more cryptanalysis than any other block cipher; this is reason enough.

    The other thing that baffles me is their selection of predominantly 64-bit block ciphers. As we're in an era of 128-bit block ciphers, it usually makes more sense to use 128-bit block ciphers, over 64-bit block ciphers, for cryptographic reasons. What we normally shoot for is 128 bits of security, which isn't all about key length, but block length too. However, it's evident that they didn't take this into consideration. I can see no compelling reason for implementing the block ciphers that they've implemented, on cryptographic grounds.

    In cryptographic design, minimalism is the key. Out of all the areas of security, cryptography has one of the most - if not the most - decorated track records. You might expect the implementation of cryptography to follow suit, but what it does is far from that. When cryptographic infrastructures fall apart, in the real world, we rarely blame the cryptography itself; we blame the implementation, and rightfully so, because it's usually to blame. The best approach to implementation is a simplistic one - one that threat models properly and addresses those threats conservatively and concisely.

    Lots of block ciphers won't make your product any more secure than if you're using one block cipher. Recycle primitives. Don't introduce unnecessary complexities that burden the implementation and give users a plethora of options that are more likely to confuse than pay off. Less is more. However, the chances that they understand this are slim. My advice to SecurStar: Since we usually try for 128-bit security, use the AES with a 256-bit key. In real-world applications, key material often leaks, so a larger key can compensate for this. Oh, and if there are any cryptographers at SecurStar, my plea to them: Come out. You've been hiding too well, for far too long.
     
  13. Juha L

    Juha L Registered Member

    Joined:
    Dec 25, 2007
    Posts:
    48
    Why you can't image? Sure you find just garbage if you mount the image, but in case of emergency, can't you just recover the disk image normally back to your HD ala TrueImage bit by bit??
     
Loading...
Thread Status:
Not open for further replies.