iSafePDF is a free open source utility to encrypt, digitally sign and timestamp your PDF documents, after using it, the encrypted document will still be viewable with any PDF reader (if you know the password), the program is very easy to use, divided into tabs, each one of the tab can carry out a function, like encryption and digitally signing the document, there are additional security options to stop document printing and modification.
iSafePDF document digital signature
You can create a time stamped signature using a Time Stamping Authority (TSA), making your digital signature valid even if the certificate key expires, in the Document tab you can change the PDF MetaData information, like author, title, subject and keywords (to find the PDF easily).
This free software to encrypt and digitally sign PDF documents is portable, no installation is needed to use it, the only downside it is that documents can only be encrypted/digitally signed one at a time, it has no batch processing.
AxCrypt is a free open source encryption program for Windows computers available in 32-bit and 64-bit versions, after installing AxCrypt it will integrate with your right-click menu and allow for single click encryption, it is very easy to use, there is nothing to configure, everything works straight out of the box after installation, you can right-click on a folder and instruct AxCrypt to encrypt the entire contents, the program will then create multiple encrypted file belonging to each one of the files inside.
The software interface is multilingual, available in 7 different languages, it can be used from the command line and a portable version of AxCrypt is available for those on the go wanting an encryption programs that runs from inside a USB thumbdrive.
There is no maximum file size for encryption, the only size limit comes imposed by your operating system boundaries on file size, AxCrypt runs on very low resources, to use AxCrypt you only need 5MB RAM, 2MB hard disk space, temporary disk space 1.5 the size of the file being encrypted, and a low end computer desktop CPU.
Because AxCrypt is open source, you can download the source code and compile the program yourself where you to feel inclined, you could check the source code for backdoors before compiling it.
AxCrypt encryption method
AxCrypt uses the AES algorithm with 128-bit keys for file encryption and SHA-1 for hashes, there is no backdoor, if you forget your password that is it. The AES encryption algorithm that AxCrypt uses was selected by NIST (American Nations Institute of Standards and Technology) after a 5 year process in which fifteen competing designs were presented, AES is the current Federal USA Government standard algorithm for encryption.
AxCrypt file encryption of MP3 file
Files encrypted with AxCrypt have the extension .axx, it retains the original file name and information, you can rename the file if you want to disguise a descriptive name, temporary files are automatically shred, the encryption keys are not stored in Windows page file. If you don’t want to erase the file after encryption you can just choose encrypt copy from AxCrypt menu.
To make it more difficult for an attacker to brute force your password and make the best of the full 128-bit encryption strength potential that AxCrypt offers, you should be using with a meaningless passphrase sequence of 22 characters, if you decide to create a keyfile with AxCrypt and use it for encryption your files will automatically be secured at the maximum level, the keyfile encryption method can be used in conjunction with a password.
AxCrypt software developers recommend that you always create a keyfile for encryption, the created keyfiles are made of 256 bits encoded in Base64, they are saved as a .txt text file with random characters in it.
AxCrypt file decryption
When sending your encrypted file over email to someone else that person will need AxCrypt installed to decrypt it, there is a free program called AxDecrypt that allows others to view AxCrypt encrypted files without installing the full software, AxDecrypt only serves to open files with the .axx extension and it can not encrypt.
You can choose to create .exe self-decrypting files, the other end does not need any kind of program to view the encrypted data, they just need to know the password used, one downside is that .exe files many times contain viruses and few people trust them, antivirus could flag them as a malware, and some email services like Gmail do not accept the sending of .exe file attachments.
Like all symmetric encryption software when you send an encrypted file to someone he/she will need to know the password you are using, you can transmit the password over a secure channel, ideally in person and if that it is not possible then using an encrypted VoIP call, or an Internet messaging program with built in encryption.
File encryption vulnerabilities
While AxCrypt contains no backdoor and the algorithm it uses can not be cracked at present, all file encryption programs have side vulnerabilities residing on the operating system, this is what you should watch out for.
Weak password, file encryption programs are only as good as your password
Solution: Use a very hard to guess passphrase not contained in a dictionary or use a keyfile to secure your files, use a password manager if needed to remember it.
Temporary files and backup copies stored by the your operating system while viewing the decrypted file
Solution: Use data wiping software in conjunction with your file encryption software, routinely wipe Windows locations where temporary files are normally stored, like for example the Windows page file, quality data wiping software come already preconfigured to securely erase those locations.
Your computer has a keylogger installed that captures your password
Solution: Have an updated antivirus and use a high quality firewall that will warn you of outgoing connections, the default Windows firewall will not do this.
AxCrypt file decryption
After decrypting a file AxCrypt will automatically overwrite it, secure data wiping consists of a single pass using pseudorandom data, this is enough to protect you from common undelete software but it will not protect you from expensive special diagnostics hardware used by well funded adversaries like corporations and law enforcement, if you need that level of protection get a different encryption software because data could be recovered from previously erased data.
AxCrypt online documentation is very complete, if you want to know the inner workings visit their homepage, if you get stuck, they have an online forum and a mailing list where to ask questions to other users.
Conclusion on AxCrypt file encryption
It doesn’t have the prettiest of interfaces and its configuration capabilities are next to none, while some might view this as a disadvantage, others will see it as an advantage because it makes operation very easy to understand for beginners.
AxCrypt strong points are that it is open source, it contains no backdoor, it uses a standard uncrackable algorithm for encryption (AES128) and it is easy to operate, its interface could be improved but it gets the job done, this is an excellent program for those on a budget because it is free (donationware) and it will securely encrypt your files.
I would not hesitate recommending AxCrypt to friends in need of secure encryption software but the single pass temporary data overwriting was disappointing, if you are a business user stay out of AxCrypt because it is only secure enough for the home user due to this.
VoIP calls are transmitted over the Internet unencrypted, the data packets can easily be intercepted by a malicious hacker to record the calls and listening in, a simple packet sniffer like WireShark is all that it is needed to eavesdrop on a VoIP call, no high skills are involved.
How to encrypt VoIP calls
Use Zfone to add encryption to your VoIP client: Zfoneworks on top of your unencrypted VoiP software watching for VoiP data packets going in and out of your computer, when it finds them it ciphers the packets encrypting the VoIP call, there is also a man-in-the-middle (MiTM) attack countermeasure by displaying a short authentication string for the user to verbally compare over the phone witht the other end, Zfone is open source software using the ZRTP protocol, there are no backdoors of any kind included.Before considering Zfone to secure your VoIP calls have into account that the software must be installed by both callers and Zfone does not work with Skype because Skype uses a closed source protocol not compliant with the standard VoIP protocol.
Zfone VoIP encryption software
Use a Virtual Private Network (VPN): A VPN like HMA can encrypt all of your internet traffic routing it through their encrypted OpeVPN tunnel, this will include all of your VoIP calls. Routing your VoIP calls through a VPN will slightly increase the bandwidth requirement and produce some CPU overhead.One benefit of using a VPN is that if your ISP or a corporate firewall is blocking VoIP calls using a VPN for VoIP will get around Internet filters, they won’t even know you are making a call, it will also get around state sponsored surveillance which is normally carried out at ISP level.
Wiretapping VoIP password
Use VoiP software with built in encryption: Some VoIP clients like Skype have built-in encryption used to cipher VoIP data packets, if you adopt this solution to secure your phone calls, try to choose voice over IP software compatible with as many other VoIP clients as possible using open source encryption (not Skype) this will make it much harder to introduce a backdoor and it might not require the other end to have the same VoIP client installed for encryption to work.VoIP software using encryption: PhonerLite ; TiviPhone
You could use Truecrypt traveller mode to encrypt your data on a USB stick but in order to use Truecrypt on a computer you will need administration rights and this is not possible in public computers like Internet cafe and libraries. Rohos Mini Drive USB encryptrion doesn’t require administrative privileges to open your password protected USB thumbdrive partition on a guest PC.
Rohos Mini Drive uses on the fly encryption making sure no data is left unencrypted on the guest PC after you have finished viewing it, there is a secure virtual keyboard included to stop key-loggers capturing your password and data is encrypted using AES256 a well known secure algorithm approved by the US Department of Defense to encrypt secret information.
There is a feature called ‘Hide and Encrypt Folder’ that allows to encrypt profile folders of applications like Skype, Google Chrome and Firefox as well as regular PC folders. This feature locks applications data with a password and ciphers the content strong encryption, when your encrypted USB drive is not plugged in to PC the applications will be unable to start.
Rohos Mini Drive encrypted USB thumbdrive
This encryption software needs less than 1MB for stand alone installation and creates an encrypted .rdi file where to store your data, it includes Rohos Disk Browser to view and manage your encrypted files, this is very useful as it will help you to avoid using the guest computer Windows explorer and stop you from leaving temporary files behind.
The free version of Roho Mini Drive has a 2GB encrypted partition size limitation, you will need administration rights to preinstall Rohos Mini Drive on the USB flash drive first and after that this secure encrypted USB thumbdrive can be used anywhere without any admin privileges.
The company behind Rohos Mini Drive claims that there is no backdoor whatsoever, if you lose your password, that is it, that also means that nobody can force the company to decrypt data held in your USB thumb drive because they have no way of doing it.
Steganography, is the science of concealing information in such a way that the existence of the message will only be known to the sender and the recipient, anyone else looking at the message recipient will not suspect there is something hidden inside or it has a meaning, this kind of covert communication is also known as security through obscurity.
Covert communications using Steganography can be traced back to 440 BC when Histiaeus shaved the head of one of his most trusted messengers and and tattooed a message on it, waiting for his hair to grow back before sending him off to deliver the message.
Computer software implementing steganography, aka stego, often uses encryption as a double safety net so that if the hidden message is ever discovered the opponent will still need a password to decrypt it.
SilentEye steganography review
This crossplatform open source free steganography software available for Windows, Mac and Linux offers a very simple and easy to use interface, SilentEye can hide messages or files inside images or sound files, at the moment restricted to .bmp images and .wav sound files but the developers plan to support data hiding inside .jpg and .mp3 files in their next release.
It is important to understand that the data you hide inside a file must be considerable smaller than the innocuous carrier, there is no perfect science to know the proportion of data that can be hidden inside a carrier, many factors come to play like data compression efficiency.
I normally hide files that take 10% of the space of the carrier file at most, after extensively using steganography to hide text messages inside images, 10% is what I have found to be the size closer to the limit allowed, you need not to worry about attempting to hide a file too big inside the carrier as the stego software will warn you of this and you will not be able to carry out the operation until the data you want to hide is reduced or you choose a bigger carrier file.
SilentEye allows you to use drag and drop to encode and decode data, the encoding window allows you to choose encoding format, output image’s quality, pixel colours used and other settings. You can type your secret message directly into the program prior to hiding it inside the file or have a .txt or any other file ready and merge it directly with the covert file.
Besides the pretty interface this free steganographic software has a plug-in system to integrate new cryptographic algorithms, sound AES encryption being already available at present time and you can encrypt your data before hiding it.
SilentEye free Steganography software
Conclusion open source stego SilentEye
You can find more advanced steganographic software but few of them are as easy to use as SilentEye is, the best part of this free stego tool is that it is open source and it allows anyone with coding knowledge to write plugins for it. Source code is also available for download and you can compile SilentEye yourself.
I do not think that hiding messages in .bmp and .wav files is good enough as these files are normally huge in size and very little used nowadays and it would suspicious for people to exchange songs as a .wav
Once the developers release their planned plugins to hide data inside .jpg and .mp3 files, SilentEye will be one of the best and easier to use steganographic tools for people who want to get the job done with a point and click mouse, totally suitable for newbies with little computer knowledge.
R-Crypto Data Security and disk encryption software will help you hide all of your internet pornography, financial details and other sensitive data from prying eyes. This free encryption software will create an encrypted virtual disk only visible after you enter the appropiate password, inside that encrypted disk you will be able to store anything you like and after closing it, the encrypted data will remain unaccessible for anyone without the right password.
R-Crypto encrypts data using the cryptographic infrastructure of the Microsoft operating system, this can include Microsoft AES crypto provider with key lengths of 128, 192 and 256 bits, for the password it will use the well known uncrackable Secure Hash Algorithm SHA-512. It can also use the Data Encryption Standard DES, or 3DES but it is highly reccomended to stick to AES as DES is not a safe encryption algorithm anymore.
R-Crypto constitutes a robust and safe encryption program with no backdoors, best of all R-Crypto is completely free of charge. If you want to hide your internet pornography from your wife and others, R-Crypto will be very useful and it is easy to use for beginners.
With R-Crypto you will have access to your encrypted disk control with an easy to use wizard that will guide you through the creation of the encrypted disk and it will also allow to change the size of the encrypted disk easily and it has many more features like being able to wipe the encrypted hard disk to make sure this is irrecoverable.
R-Crypto Data Security
Because R-Crypto uses Microsoft cryptographic infrastructure, it is ideal for companies that require certification for such products to meet certain governmental or corporate standards, as well as individual users with high security and privacy needs.
Sending emails it is just like sending postcards, anyone who comes across them can read the content, if you find it too hard to use encryption software like PGP/GnuPG, you can resort to encrypt messages online on a website and send the encrypted text, or post it to Usenet, for the intended recipient to retrieve.
Online services to encrypt messages
Lockbin: A free service for sending private email message and files, the service has an integrated online form and you can send the encrypted email from their own website, messages are encrypted in the server using AES256bit and TLS encryption in transit.
ProtectedText: All encryption is done in your browser with JavaScript, the password is never sent to the server, and just in case you don´t trust the website, the source code used to encrypt is open source. There is no registration, logging or tracking and an easy to remember URL to access the encrypted note is available.
ProtectedText online text encryption
Cypher Dog: This is mostly a paid product, decryption works for free but after two weeks trial you must pay to encrypt messages. It can be used in your desktop computer, smartphone or browser installing an extension, it is a scalable and business friendly solution for encryption.
Encrypt-Online: An easy to use form allows you encrypt any text message password protecting it, data is encrypted in the browser with JavaScript, you can choose in between the algorithms AES256 bit in CBC mode or 3DES, they are both uncrackable. There is a single advertising banner in the website that finances its operation.
SecureStuff: This website allows you to encrypt files and text, operation is very easy, there are two windows, enter the text in one of them and you will see the encrypted text in the other window where you can copy and paste it transmitting the decryption password to the recipient by secure means such as a phone call.
You may also use a compression program like PeaZip, 7Zip or BCArchive to send your encrypted message or file to someone without encryption software installed and with little knowledge of computers, this is very easy to use and free, simply add a password when you compress the .txt file, your recipient will only have to enter a password to read it and it will not overwhelm them if they are not too computer savvy.
