Rohos Software

Discussion in 'privacy technology' started by n8chavez, Jan 20, 2008.

Thread Status:
Not open for further replies.
  1. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    Does anyone have any opinions regarding Rohos' encryption software? It is supposed to be like TrueCrypt, but does not require admin privileges; which makes it very hand for a USB drive.
     
  2. waldovanlaeken

    waldovanlaeken Registered Member

    Joined:
    Jul 11, 2007
    Posts:
    35
    Location:
    Belgium
    It's like truecrypt indeed... although :

    -you can't do full disk encryption (only volume based)

    -It's closed source

    -Only AES or Blowfish (wich is nowadays obsolete anyway).

    Bruce Schneier now recommends against the use of Blowfish. In December 2007, he said, "At this point, though, I'm amazed it's still being used. If people ask, I recommend Twofish instead." Wikipedia

    -Not downloaded (tested) for 4 million times

    http://www.truecrypt.org/statistics.php

    -NOT free to use (time limited)

    http://www.rohos.com/desktop-security/buy_on-line.htm

    But hey, it is indeed like Truecrypt.
     
  3. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    So, are you saying that Rohos Risk is not recommended to secure a "volume" on a USB disk, or are you saying that just the use of Blowfish is not advisable? What about using Rohos Disk with AES?
     
  4. waldovanlaeken

    waldovanlaeken Registered Member

    Joined:
    Jul 11, 2007
    Posts:
    35
    Location:
    Belgium
    I'm not saying that the program is insecure in anyway. I do not have the knowledge to say (confirm) this.

    I just say that Blowfish is recommended against by its creator, although there aren't any know attacks against a full 448-bit blowfish.

    http://en.wikipedia.org/wiki/Blowfish_(cipher)

    It's just that there are better ciphers around now. It's successor Twofish, and offcourse AES (Rijndael).
     
  5. waldovanlaeken

    waldovanlaeken Registered Member

    Joined:
    Jul 11, 2007
    Posts:
    35
    Location:
    Belgium
    Saying and confirming that a "closed source" implentation of algorithms is secure or unsecure is almost impossibel. You can't read the code.

    I must admit that reading the "full" code of a program like truecrypt is also
    very time consuming ;)

    The algorithms that are considered secure today, may be considered unsecure tomorrow.
     
Loading...
Thread Status:
Not open for further replies.