Free encryption software other than Truecrypt?

Discussion in 'privacy technology' started by mattfrog, May 16, 2012.

Thread Status:
Not open for further replies.
  1. mattfrog

    mattfrog Registered Member

    Joined:
    Apr 3, 2012
    Posts:
    85
    Location:
    United Kingdom
    Hi all,

    I'm looking for recommendations on a free tool to encrypt files and folders on Windows, other than TrueCrypt.

    It needs to simply allow selection of files or folders, and condense them into an encrypted file. AES-256 would be desirable.

    I've took a look at Sophos Free Encryption, but can find absolutely no information on the algorithm used.

    Many thanks in advance!
     
  2. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,122
    Re: Free encryptionn software other than Truecrypt?

    Axcrypt bro ;) (It's also open source). If you want an easy real-time encryption, you can look at this Filewall Website -hummerstudio.com .
     
  3. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,485
    Location:
    Poland - Cracow
  4. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,100
    Location:
    Adelaide
    Re: Free encryptionn software other than Truecrypt?

    7-Zip will do this.
     
  5. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    Here is another one...

    It's main purpose is to encrypt files and folders (Good for personal use or encryption for cloud services)

    Encryption is in AES, and is 100% free

    Product is called Cloudfogger

    Here is the site:

    http://www.cloudfogger.com/en/home/index.aspx

    Note: This is one of the new kids on the block, so if that bothers you....Then I would take the advice from a previous response (Use 7-Zip)
     
    Last edited: May 16, 2012
  6. dread

    dread Registered Member

    Joined:
    May 18, 2004
    Posts:
    195
  7. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,100
    Location:
    Adelaide
    It supports AES-256 encryption, so with a strong password, about as secure as you can get.
     
  8. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Assuming it is implemented correctly. Crypto systems are never broken due to the algorithm, but *are* broken due to programming errors and other failed implementations. Even people who are experts with PhD's make mistakes in cryptography and it's not even rare, sadly. Crypto is hard. This is why I don't trust any cryto product that is not:

    A) open-source

    B) well tested over a number of years.

    7-zip seems to satisfy both of these requirements, so it's probably OK. Cloudfogger does not adhere to either A or B, so I would never trust it.
     
  9. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    OP,

    I would love to hear why you started this thread with "other than TrueCrypt"?

    For me part of the allure of TC is how well its put together. I am sure that other programs are amazing too. However; one big thing for me is that there are many legal cases where LE has not been able to crack stuff encrypted using TC. These are major cases where any backdoor or weakness would have been used by now. My opinion.

    So in a sense, law enforcements inability to defeat TC speaks volumes as to its solid implementation.

    Can anyone here cite/link a significant legal case where any of the other products mentioned on this thread has kept forensic LE from getting in? I have only read legal briefs about TC and PGP. The old PGP was open source and when Zimmerman ran the place I used it exclusively, but not anymore.

    I would love to discover other encryption products that are well put together. I'll let LE determine that for me by use of their advanced forensic methods. I am smart enough to study the implementations as well. But lets face the music here - the true acid test might just be LE. Make sense?

    If a program is solid enough for what I'll call "bad guys" its definitely OK for my needs as I don't have anything like that going on.


    OP - for file and folder only encryption I still use "old style" PGP version(s) 6.5.8 or 7.0 only. 6.5.8 was the last pre-911 version that Zimmerman fully managed/assembled. Its open source and solid as hell. It will take some "rigging" to get it installed on newer OS's but it can be done. I had to rig it to get it on XP Pro but it runs fine on that OS. Nobody is going to break into a 4K encrypted file using this old reliable software. Zimmerman was a genius and damn fine Crypto guy.
     
    Last edited: May 17, 2012
  10. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    I've run 6.5.8 CKT 09b3 (Imad Faiad's Builds) on Win 7...it's still kicking :D But GPG4Win is solid. Ah, the good old days...

    PD
     
  11. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Yeah, PGP back in the day was good. Then they became incorporated but still allowed the source code to be downloaded. Then Symantec bought it. I checked Symantec's site and did not see anywhere to download source code, nor I did not see any free version whatsoever, only trials. So I assume Symantec has totally closed up the source code?

    The true litmus test would be NSA. But really they are irrelevant for 99.9% of use cases. If they can routinely break crypto products they would never let that info leak at some trial, so it wouldn't matter anyway. They would only use it for snooping on the "big guys" and wouldn't much care about LEA issues. You would have to be a pretty big fish (say a terrorist plot) for them to bother. And if they are after you, you're done. Even if they can't break it, they would just send you to some friendly Arab nation with no torture laws (rendition). Good luck to you there. :argh:

    But as for LEA's, yeah, I think it's pretty much certain they can't break TC (or other competent disk encryption products) without the user being incompetent and using weak keys or passphrases. They have also, in at least one case, used hardware keyloggers to capture the encryption passphrase (it was a mafia case -- you can google it). Physical control of the machine is the main security one must take into account with disk encryption. It's a much bigger threat than anyone breaking the crypto itself.


    Well, Zimmerman was a good programmer but he wasn't necessarily the best cryptologist (he would admit that I think). In early versions of PGP he used his own home-brewed cipher (because DES was too weak and there was no AES yet). Some cryptographer reviewed the algorithm and broke it in a few minutes. This cryptographer told him he needed to be using better reviewed and written algorithms. He settled on IDEA, which is still one of the choices in modern PGP/GnuPG. However, AES is now preferred because, well, it is the standard and has had a ton of scrutiny by experts around the world.
     
  12. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    BCArchive may be what you're looking for.
     
  13. hashed

    hashed Registered Member

    Joined:
    May 5, 2012
    Posts:
    53

    Don't worry, if Symantec has it, Anonymous probably does too LOL. There isn't much good to say about a security co that cannot keep their own code secure..

    ~h
     
  14. hashed

    hashed Registered Member

    Joined:
    May 5, 2012
    Posts:
    53
    Ditto for me on TrueCrypt..this is one well put together product :)
     
  15. jitte

    jitte Registered Member

    Joined:
    May 2, 2012
    Posts:
    67
    Or to them not having heard of TrueCrack:



    Not really. ;)
     
    Last edited: May 20, 2012
  16. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Good choice. I've used 6.5.8CKT08 for many years.
     
  17. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    DiskCryptor, open source full disk encryption. I have used it, and its probably one of your best alternatives to TrueCrypt -http://diskcryptor.net/wiki/Main_Page/en
     
  18. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Trucecrack is going to be worthless against a good password. And as the TC documentation says over and over again, you need at least a 20 char *random* password for real security. And throw in a 256 bit random keyfile, and password cracking will be utterly futile.
     
  19. hashed

    hashed Registered Member

    Joined:
    May 5, 2012
    Posts:
    53

    Agreed, keyfile(s) really make this about as bullet proof as you could hope to get!

    ~h
     
  20. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Half of your 64 character pass phrase on a Yubikey...in addition to the key file, works well too.

    PD
     
Loading...
Thread Status:
Not open for further replies.