GPG4USB is a portable program to encrypt text and files using GnuPG, the open source public key encryption system compatible with PGP. It works on Windows and Linux computers and does not require administrator rights for execution, files and messages can be exchanged with anyone using OpenPGP compatible software, like PGP Desktop or GPG4Win. The main interface will be familiar to anyone who has used PGP/GPG encryption in the past, you can create a keypair, import, export encryption keys, check key properties, upload keys to a keyserver, sign files, encrypt and decrypt files.
You can also remove and add PGP headers to your messages, to see this feature you will have to go into settings click on the advanced tab and tick the “Show Steganographic Options” checkbox. Another advanced option is the possibility to split PGP encrypted attachments into pieces.
Portable encryption GPG4USB
The software comes with a very complete offline manual that any beginner will understand, to make this tool portable move the extracted files and “start_windows.exe” binary to a memory stick. GPG4USB could also become your main desktop GPG encryption software since it has a splendid interface that some people might find easier to use than other similar applications like WinPT.
You should remember temporary files belonging to the encrypted data could still be found in any computer you use, that is the case for nearly all portable software.
Open source CTI Text Encryption is a small (290Kb) portable application to secure your text messages, there is no need for administrator rights and it should work in any public computer, I found a few of the default settings confusing, like for example naming the password fields “Key” and having everything hidden with asterisks by default, you will have to tick the “Show Characters” checkbox to see what you are doing, on a public computer is best to keep everything hidden obviously. It took me a couple of minutes looking around to familiarize with the software.
The program has two encryption tabs, “Two way Encryption” and “One Way Encryption“, the later is not reversible and can not be decrypted, the only possible use seems to be hashing a text message (creating a number generated from a string of text), it can be useful as anti-tampering measure to ensure message integrity, the output result can be copied and pasted with the a message.
CTI Text Encryption software
The software allows you to use your computer processor ID or hard drive serial number as a password with a single click but anyone with access to your computer could find those out, I did not find the feature too secure for that reason and there is no particular advantage that I know of by using them instead of a traditional password.
CTI Text Encryption could be useful for travellers, assuming you convince the receiving end to download and use the same software to be able to read your messages. If you travel often it’s best to sign up with an email service that offers encryption by default, but unless you have your own computer security is easy to compromise, and if you use your laptop with a Wifi connection, PGP or GPG encryption would be the best option.
I couldn’t find much information about CTI Text Encryption inner workings other than some change logs mentioning SHA256, Twofish and the Rijndael Algorithm (AES) .
ImmediateCrypt is a free open source utility written in Java to encrypt text messages, it uses cryptographic standards like the AES256bit cipher, CBC block chaining and PKCS#5 padding, ImmediateCrypt can be installed on a USB thumbdrive, there is no need to have administrator rights to execute it in your computer, something that should be appreciated by those using public computers. In order to decrypt messages both parties will need to have ImmediateCrypt installed, it doesn’t matter what operating system they are using as long as Java is present, the software will work in Windows, Mac OS X and Linux/BSD.
To encrypt text simply copy and paste it inside the box, enter a password and click on “Crypt“, the receiver will reproduce the same steps using the “Decrypt” button, the password should have previously been given using secure channels like an encrypted VoIP call or in person.
ImmediateCrypt portable text encryption
ImmediateCrypt does not have any configuration settings or extra features like a password meter, this is not a high security encryption program in the sense that it would be possible for a virus to read your clipboard text and there is no virtual keyboard making it possible for a trojan to capture keystrokes, but if you are convinced that your computer is 100% secure and your main concern is only stopping man in the middle attacks when you email someone a text message it should be impossible for a third party intercepting the garbled text to decipher what it says.
Immediatecrypt is much easier to use than PGP encrypted email, it is a good way to convince your beginner computer friends to start using encryption as they will not have to spend time learning how it works since everything can be explained in under a minute and it is intuitive.
DropKey is a MAC OS X tool (Lion and above) to easily encrypt and share documents using public/private key encryption, you only have to drag and drop any file you want to encrypt on top of the DropKey icon that appears in the menu bar and it will automatically encrypted, specifying who to send the file to will create a new email message with the encrypted attachment, only the person whose public encryption key has been used will be able to view it.
Your public encryption key is stored in your personal contact record in the Address Book and it can be safely attached to a vcard file (.vcard) to send to your contacts, any file encrypted by a sender using your public key can be opened by you without entering a password. The secret private key in your power decrypts it and makes sure that nobody else can access the file.
It is possible to guard against man-in-the-middle attacks, where an adversary sends the wrong public encryption key making you believe that it is that of your friend so that you encrypt your personal files using it. DropKey can generate 4 random dictionary words with each encryption key, asking the person you are communicating with to verify those words, over the phone or Instant Messenger, will guarantee that it is his key. This is akin to a digital fingerprint, formed of random letters and numbers, DropKey has pursued to make the system easier for the average user by using pronounceable words instead of random characters.
DropKey MAC OS X file encryption
This program is very easy to use and it integrates with your address book, the private encryption key is kept in OS X’s built-in Keychain Access app, to see it you will be asked for the administrator password. DropKey can be used to keep personal files encrypted, they don’t have to be necessarily emailed, simply choose a place where to save the file after encryption, multiple files can be encrypted at once, the developer created this app with people wanting to email documents securely and not for those who need secure data archiving, functionality comes accordingly.
No data ever leaves your computer unencrypted, the encryption and decryption process takes places locally, the recipient will need to have DropKey installed but doesn’t have to buy the software just to decrypt data, trial mode decryption never expires. I can foresee a big problem with this app, you won’t be able to communicate with friends using Windows or Linux computers, and for that reason I would advise you against it and go for GPGTools instead, which is compatible with any other OpenPGP software.
A Florida judge ruled that a suspect involved in a child porn case who had encrypted a laptop and five external hard drives with Truecrypt does not have to give up his password because he is protected by the US Constitution Fith Amendment right not to be a witness against himself.
The man can not be named as he has not be charged with any crime and has now been released from prison where he was being held in contempt of court. John Doe first came to the attention of the police on suspicion of uploading videos of under-age girls to Youtube, the computer IP was traced back to the hotel room where John Doe was staying. According to the ruling it is not enough for the Government to prove that the encrypted drives can store vast amounts of data , the Government would need to show what files are stored inside and the computer forensics expert has admitted that the drives might as well be empty.
This new ruling will help clarify future cases in which someone is compelled to give up his password to law enforcement when requested, at first glance it appears contradictory with an earlier bank fraud ruling where a judge ordered Ramona Fricosu to surrender her password, but they are totally different cases as Ramona Fricosu had been recorded over the phone admitting to hold incriminating evidence inside her encrypted laptop whereas John Doe had never admitted to holding the files the police is after.
WinPT is an open source graphical front end for GnuPG, a compatible OpenPGP software that allows people to exchange encrypted messages and files with other PGP users, without WinPT you would only be able to use GnuPG from the command line which requires a long learning curve, GnuPG is included in the download. After installing Windows Privacy Tray you will be asked to create or import your public encryption keys and associate the program with .asc, .gpg and .sig files. The default extension for encrypted messages is .gpg but this can changed to .pgp in preferences.
All of the needed GPG/PGP functions are available, setting up your preferred keyserver, importing and exporting keys, setting ownertrust, revoking keys, digitally signing messages or files and others. Hotkeys can be used to quickly encrypt and decrypt messages.
public key GPG encryption WinPT
The software includes plugins for Euroda and Outlook Express, key management, and encryption and decryption of text in Windows clipboard. WinPT is a good alternative to GPG4Win, another free OpenPGP compatible tool, I did not notice too many differences in between them, WinPT is lighter and a smaller download, and GPG4Win has a few more features like Claws Mail and a bigger community. You will still need to learn how public key encryption works, this software is not as automated as Enigmail, a GPG Thunderbird plugin, but it can be used to encrypt files and text outside of your email client to store them online for example, so it has more functions. To protect against brute force attacks it is much safer using an encryption key and a password than just a password.
If you are looking for a free alternative to the expensive Symantec PGP Desktop, more suitable for businesses, WinPT will get the job done, an easy and simple way to send encrypted messages or attachments by email with the power of OpenPGP.
Idoo file encryption can lock, hide and encrypt files using AES256, you will be prompted to enter the masterpassword after installation, and optionally, an email address to recover your password in case you forget it. You can lock and hide files using the interface, but not single file encryption, this can only be done through Windows context menu, I used it to encrypt a file and it did not ask me to confirm my password, you will have to be very careful what you type if it is a long passphrase, I would advise you to tick the box to see the password you are entering and do not use asterisks.
Hiding a couple of photos worked fine, Windows was unable to see them, however, specialist computer forensics software, of the kind used by law enforcement and well funded investigators should be able to discover them, to make the photos or files visible again all that is needed is unchecking a tickbox. File write protection stopped me from erasing files where it had been applied, not even using administrator rights I was able to get around it, Idoo file encryption is fairly easy to use and you have an online help manual with screenshots.
This tool saves encrypted files as .gfl but you can choose to use a .exe extension to be able to decrypt them without the software, files can securely wiped after use and you can use it to hide drive letters, like an external plugged in device, but I doubt this will be of use for a home user who isn’t on a network.
Idoo file encryption free version
I am very concerned about the password recovery feature, I used it once and I was sent my password in plain text to my email Inbox, this indicates to me that the password must be available in plain text somewhere, normally, encryption software never stores a readable password, it uses a hash algorithm instead, Idoo file encryption did not inspire me confidence due to this. I have nothing against password recovery but not this way, a good example of password recovery done right is SpiderOak, they email a password hint that the user has previously set himself, but not the full password in plain text as nobody has access to it.
The developers website comparison in between the Free and Pro version mentions that the Free version is good enough for company documents and the Pro version for Government agencies and financial data, in reality the level of encryption it is exactly the same, the only difference is that the Pro version can encrypt folders, their comparison is not quite right, adding that their password recovery in plain text really blows me away, unless you only want to protect from your little niece spying on you, I wouldn’t waste my time with this product, lets alone any money.
Update February 20117: I have deleted the link to IdooEncryption as it is being reported by Firefox as containing malware. Site does not look updated either, no mention of Windows 10.
