After penetrating an organization's network the threat actors used the PsExec tool to install ransomware on all endpoints and servers in the organization.
The next interesting fact about this ransomware is that the threat actors decided to use the well-known Petya ransomware to encrypt user data.
The first malware program to lock up people’s files and ask for a ransom was the PC Cyborg Trojan in 1989.
It was created by Harvard-trained evolutionary biologist Dr. Joseph Popp, who was working on several AIDS-related projects at the time. Dr. Popp sent a floppy disk containing a program covering AIDS information, teaching, and testing to tens of thousands of mailing list subscribers.
At startup, a crude EULA warned users they had to pay for the program—and the author reserved the legal right to “ensure termination of your use of the programs ....
These program mechanisms will adversely affect other program applications on microcomputers.” Most people didn’t read the EULA and ran the program without paying for it. After 90 boots, the program crudely encrypted/obfuscated the user’s hard drive data, rendering it inaccessible, and asked for a payment of $189 to be sent to a Panamanian post office box. (Check out a great analysis of the Trojan.) Ransomware evolution Early ransomware used symmetric key encryption, and the cipher algorithm was often poorly constructed.
Encryption experts could frequently break the ransomware easily, and because the symmetric key was the same shared key in every infection, every computer touched by the same ransomware program could be unlocked at once. Eventually, ransomware authors learned to use public key cryptography (where both a private key and a second public key is involved) and started to use popular, well-known, well-tested cipher algorithms.
A different key pair was generated for each infection, which made ransomware a very difficult problem to solve. By the middle 2000s, tough-to-break ransomware was becoming very popular, but the problem of how hackers would collect their money remained. Real money and credit card transactions can be traced. Enter CryptoLocker, the first widespread ransomware program to demand bitcoin payments.
CryptoLocker first appeared in 2013. When matched with randomly generated email addresses and “darknet” pathways, it became almost impossible to catch ransomware hackers. Ransomware writers and distributors are now making tens, if not hundreds of millions, of dollars off their victims. These days ransomware keeps getting more dangerous and targeted. Ransomware programs are now being developed to attack specific types of data, such as database tables, mobile devices, IoT units, and televisions.
This page chronicles all the significant developments from the last year or so. Defeating ransomware First, you need to verify that you’ve actually been hit by ransomware. Less sophisticated programs merely take over your current browser session or computer screen.
They make the same blackmail claims as a more sophisticated ransomware program, but don’t encrypt any files.
All you need to do is reboot the computer and/or use a program like Process Explorer to remove the malicious file. Nothing beats a good backup. Nothing beats a current, offline backup.
The “offline” part is important because many ransomware programs will look for your online backups and render them unusable, too. Get patched. Making sure your system is fully patched is a great way to prevent any malware from infecting your computer.
But also see if they are the real patches from the real vendors. Unfortunately, fake patches often contain ransomware. Don’t get tricked. Don’t let yourself get socially engineered into installing ransomware.
In other words, don’t install anything sent to you in email or offered to you when visiting a website.
If a website says you need to install something, either leave the website and don’t go back—or leave the website and install the software directly from the legitimate vendor’s website. Never let a website install another vendor’s software for you. Use antimalware software. Everyone needs to run at least one antimalware program. Windows comes with Windows Defender, but there are dozens of commercial competitors and some good freebies. Ransomware is malware.
Antimalware software can stop the majority of variants before they hit. Use a whitelisting program. Application control or whitelisting programs stop any unauthorized program from executing.
These programs are probably the best defense against ransomware (besides a good offline backup).
Although many people think application control programs are too cumbersome to use, expect them to become much more accepted as ransomware continues to grow, at least in business computing.
The days of allowing employees to run any program they want are numbered. What to do if you’re locked up If all your critical data is backed up and safe, then you’ll be back in business in a few hours’ time. You’ll still need to reformat/reset/restore your device, however. Luckily, that process gets easier with each new operating system version. Using another safe, uninfected computer, restore your backup.
Apply all critical security patches, restore your data, and resolve never to do what you did that got your device locked up in the first place. If you don’t have a clean backup copy of your critical data and absolutely need the data, you have two options: Find an unlock key or pay the ransomware demand. Using another safe, trusted computer, research as much as you can about the particular ransomware variant you have.
The screen message presented by the ransomware will help you identify the variant. If you’re lucky, your ransomware variant may already have been unlocked. Many antimalware vendors have programs to detect and unlock ransomware (if it recognizes the variant and has the unlock key). Run that program first. It may take an offline scan to get rid of the ransomware.
Several websites also offer unlocking services, free and commercial, for particular ransomware variants. Here’s an example of a ransomware unlocker.
Also, believe it or not, ransomware distributors will even occasionally apologize and release their own unlocking programs. Lastly, many people choose to pay the ransomware to recover their files. Most experts and companies recommend against paying ransom because it only encourages the ransomware creators and distributors. Yet quite often it works.
It’s your computer and data, so it’s up to you whether to pay the ransom. Be aware that in many cases people have paid up and their files have remained encrypted.
But these cases seem to be in the minority.
If ransomware didn’t unlock files after the money was paid, everyone would learn that—and ransomware attackers would make less money. I hope you never become a ransomware victim.
The odds of infection, unfortunately, are getting worse as ransomware gains popularity and sophistication.
In one office that's closely watched by technology and internet companies, however, the leadership looks to remain the same—the US Patent and Trademark Office. There's been no official announcement about USPTO leadership from Trump's team, with the new president having been inaugurated earlier today.
But The Hill reported yesterday that Michelle Lee, a former top lawyer at Google, will remain as USPTO director under President Trump. Politico reported the same news, sourcing it to statement from Rep.
Darrell Issa (R-Calif.) and confirming it with other unnamed sources. Lee's remaining at USPTO is a a surprise victory for the technology sector, which offered scant support for President Trump while he was campaigning for office.
She supported President Barack Obama's patent reform agenda, and Trump's views on patents are a cipher. Speculation about who might get the top patent job focused on two candidates with very different backgrounds from Lee's: Philip Johnson, the top IP lawyer at Johnson & Johnson, and Randall Rader, former chief judge for the US Court of Appeals for the Federal Circuit. Johnson was nearly chosen in 2014 but was set aside after outcry from the tech sector, who was concerned about a top pharmaceutical lawyer and opponent of patent reform heading up the US patent system. Early responses from tech sector advocates on the choice to keep Lee have been positive. 'Michelle Lee has started a number of programs to enhance patent quality, and it’s important that those programs be allowed to continue," said Matt Levy, chief patent counsel for the Computer and Communications Industry Association. "With Director Lee continuing on, those programs will have the chance to produce real improvements in the patents the USPTO issues." "Abusive, meritless litigation brought by patent trolls has been a job killer for literally thousands of American businesses over the last decade," Beth Provenzano, co-chair of the United for Patent Reform coalition, said in an e-mailed statement. "Director Lee has worked to improve the tools that allow innovative business to defend themselves against truly frivolous litigation."
The RD now correctly sends a NACK response to ActiveMQwhen operations fail.
ActiveMQ redelivers the message, causing the RD to retry.The RD's communication with ActiveMQ, logging of errors, and handling of errorresponses from F5 BIG-IP improved.
This enables the RD to continue operationwith the F5 BIG-IP cluster even if the RD loses contact with the cluster,improving the RD's behavior when multiple instances are run in a clusteredconfiguration.
The RD is more resilient against losing contact with individualF5 BIG-IP hosts in a cluster of F5 BIG-IP hosts and functions better when run ina clustered configuration.
The RD elicits fewer error responses from F5 BIG-IPand provides better logs, making error diagnosis easier. (BZ#1227472)* Users can now allow the provided database connection helper functions mysql(),psql(), and mongo() to be overwritten.
This allows users to overwrite the helperfunctions to easily connect to external databases. Users can now define mysql(),psql(), and mongo() functions in their $OPENSHIFT_DATA_DIR/.bash_profile, whichcan be used within an SSH connection to a gear. (BZ#1258033)* HAProxy cookies were inconsistently named. Requests to an HA application werenot always being routed to the correct gear.
This fix changes the cookie naminglogic so that the cookie name reflects which back-end gear is handling therequest.
As a result, all back-end HAProxy gears should now return the samecookie name and the requests should be properly routed to the correct back-endgear. (BZ#1377433)* EWS Tomcat 7 can now be configured on nodes to use either EWS 2 or EWS 3channels, allowing an administrator an option of what EWS version the EWS 2cartridge deploys.
This option was enabled to allow administrators to takeadvantage of the EWS 3 lifecycle and security or bug updates that it receivescompared to the maintenance lifecycle that EWS 2 is currently receiving.Administrators have options or can mix and match EWS versions (with nodeprofiles) on what Tomcat version is installed when an EWS 2 cartridge iscreated. (BZ#1394328)* The new version of PIP (7.1.0) no longer accepted insecure (HTTP) mirrors.Also, PIP attempted to create and then write files into the .cache directory,which users do not have permission to create post-installation.
As a result,Python dependencies failed to be installed.The default PyPi mirror URL is now updated to use a secure connection (HTTPS).The directory .cache is created during installation in advance so it can be usedlater by PIP. With this fix, Python dependencies can be fetched from the PyPimirror and installed properly. (BZ#1401120)* When using a gear's UUID in the logical volume name, a grep in the oo-acceptnode caused oo-accept-node to fail.
The grep was fixed with this update. Usingthe gear UUID in the logical volume name no longer causes oo-accept-node tofail. (BZ#1401124)* Previously, moving a gear with many aliases reloaded Apache for each alias.The excess aliases caused the gear move to timeout and fail. With this fix, agear move will now update Apache once with an array of of aliases instead ofupdating after each alias. (BZ#1401132)* Previously, node-proxy did not specify to use cipher order, so the order didnot matter when using a custom cipher order.
This fix makes the node-proxy honorthe cipher order.
Custom cipher orders will now take the cipher order in accountwhen choosing a cipher. (BZ#1401133)All OpenShift Enterprise 2 users are advised to upgrade to these updatedpackages. Red Hat OpenShift Enterprise 2 SRPMS: openshift-enterprise-upgrade-2.2.11-1.el6op.src.rpm MD5: 7ec16aed5fc59ed2890c39c512535506SHA-256: 684678600d7a39ada09613e3e8f2131ff1c0302d9e3041a187cebf76675ecaaa openshift-origin-cartridge-haproxy-184.108.40.206-1.el6op.src.rpm MD5: a1f1449b05688c5a980633d6c7d944f3SHA-256: 2929f1d04ea76635016830e108b098bbada8b45efc7bb53c73eb445ab77c830a openshift-origin-cartridge-python-220.127.116.11-1.el6op.src.rpm MD5: 3dcfe8900468bbf667affe2bf00a696eSHA-256: 4d29292623e415e1d5775a3f7e097d7f6a6c315d66c2a29b68e806788180ce2d openshift-origin-msg-node-mcollective-18.104.22.168-1.el6op.src.rpm MD5: d997b5a2ad85f8d336f207978d7bd6a3SHA-256: 8894b0fdc2fb0a033626bbbd4e1ccb2eaeb3b3b8f9fb6b3d6c3904077f3d1d0c openshift-origin-node-proxy-22.214.171.124-1.el6op.src.rpm MD5: 0a9ef5709ecdb7a38e2fb62c5be21a3dSHA-256: 5be7a48d2364bc0448f88d6a63a5be81270902695d674466c3a36d8fc5c6062c openshift-origin-node-util-126.96.36.199-1.el6op.src.rpm MD5: de83fb1a8228c3965286c5ec20162e32SHA-256: 832c41d74199362210989ef8c73b6e463f9116d23e3b934107f6135106e9e5a5 rubygem-openshift-origin-frontend-apache-mod-rewrite-0.8.2.1-1.el6op.src.rpm MD5: 16a356b09fa38aeb1c0dd6077b9170c6SHA-256: c6fcb52c44e805b4a2d3bd52845d3aae477a15cc9b3eadea8db4d92cff6b9cb8 rubygem-openshift-origin-frontend-apache-vhost-0.13.3.1-1.el6op.src.rpm MD5: e8dd00e793be08b117ac994405b260b4SHA-256: 09b5e3a38406ed813841204b7247faa840cdf9e5bc031b1acf4ae4e6ddf3ebb1 rubygem-openshift-origin-frontend-haproxy-sni-proxy-0.5.3.1-1.el6op.src.rpm MD5: 84be2c2e546dcf2d5e1c00f482347865SHA-256: d8e741d5123a3b4702c431f61e2e4f19415268f15536c8aeb4d4148a113f0fda rubygem-openshift-origin-frontend-nodejs-websocket-0.4.2.1-1.el6op.src.rpm MD5: 78a15fbefa3e00fe25cd350b59195172SHA-256: 9e414c68803f45a0ec50a0a7f700bb80c168401ca3038310c45f624e33eb6354 rubygem-openshift-origin-node-188.8.131.52-1.el6op.src.rpm MD5: 21ef886a44b03c688d48846fed34b974SHA-256: aeddbeafb1f58d2b2349ad5fa97fe3f5188bf5b905e0938aa3169bfe0746fdde rubygem-openshift-origin-routing-daemon-0.26.7.4-1.el6op.src.rpm MD5: 1744e26a273c397078b83ea4946f7836SHA-256: c039f8d023321d8eed0c09b123b171f27c866860705d45aa05b85f82faedf346 x86_64: openshift-enterprise-release-2.2.11-1.el6op.noarch.rpm MD5: 2014a606a47b5e5491341a1381f83ccfSHA-256: c211f0dd8c3efba9d8f2840a7e418f2096dbfbb47f13a8ec7cf7929e38e6162f openshift-enterprise-upgrade-broker-2.2.11-1.el6op.noarch.rpm MD5: 74e50b025859ef9d22efaea0771d1dfaSHA-256: e9fac95a23aa696dfb4c1e4cc8cf33d5cabfb0d9ea4a7f29925936635b6f6078 openshift-enterprise-upgrade-node-2.2.11-1.el6op.noarch.rpm MD5: 43b23128a6f8508f872f199f11e99844SHA-256: 2182ab628c84f5bdcc4fff537aadd260894787a2c2a47d2501912b7190b8ea4d openshift-enterprise-yum-validator-2.2.11-1.el6op.noarch.rpm MD5: af77a0545ff330278c6cd6b02671695aSHA-256: b867d00bda0f52d6ba6a98a74f4303c0df9b4b74405e0487131fb3180ec2150e openshift-origin-cartridge-haproxy-184.108.40.206-1.el6op.noarch.rpm MD5: 749c76f4c105f7ad2b8b4599c393eb39SHA-256: 51eccf1effbf4e287e5d7d22432c5c17e94ee5b03a082e40a38811a29fffb34f openshift-origin-cartridge-python-220.127.116.11-1.el6op.noarch.rpm MD5: 5a2b1bc49dc51b6e1d27418dcbdebe92SHA-256: d1d081769812ca7ff3a109144639e5f0fdfa6879354959e1a4907b21316565d1 openshift-origin-msg-node-mcollective-18.104.22.168-1.el6op.noarch.rpm MD5: 4f7a36fe214d0ff3c73b03f420455451SHA-256: 3571f7067485b72a67d8de2d6f22ddc06bb8e09128047011cb1c54084eb9e6d4 openshift-origin-node-proxy-22.214.171.124-1.el6op.noarch.rpm MD5: f422b78254bc9e061281b769b6257905SHA-256: 2d0fe749cbedb32b5feaa5c871bf38c6cad7f27a90cea0f8466f774974781166 openshift-origin-node-util-126.96.36.199-1.el6op.noarch.rpm MD5: 8a4247c0b621b63656b4fdbfaf48f9e7SHA-256: ab960e297a55df5a662793af11e6b540ebab93df6c3edb32610597afbecaacc8 rubygem-openshift-origin-frontend-apache-mod-rewrite-0.8.2.1-1.el6op.noarch.rpm MD5: 95210c17c2f0cc126b6b0756f6ca3fc3SHA-256: 22362fee3fa68b4ad59ed0a883948d5561d425b67a3396438e408c6df3bbab56 rubygem-openshift-origin-frontend-apache-vhost-0.13.3.1-1.el6op.noarch.rpm MD5: 59411dfa22500844ee7c995cbb3e855dSHA-256: 307fc8948cbbad0548562b7dfd01c7cc976346f9974c30f63801a6ae5925f540 rubygem-openshift-origin-frontend-haproxy-sni-proxy-0.5.3.1-1.el6op.noarch.rpm MD5: 19897e4896ccdf8f527eeef81334dd86SHA-256: 2139ed1ff65db053d722c9a61c0490d5a1e3457bc05b7a746bb1e398c60786cb rubygem-openshift-origin-frontend-nodejs-websocket-0.4.2.1-1.el6op.noarch.rpm MD5: a1d083fdbe96c3a50a44317d43f16f2aSHA-256: adad2d5496b14a6310eb947e4d07eecc2f892a4c8a6223473718ad006bcc761b rubygem-openshift-origin-node-188.8.131.52-1.el6op.noarch.rpm MD5: f0863b65b63e9e85f9cfc3eef3029980SHA-256: 3e1c1250766b63670687ff4ae1e8327229e82b738057bb22758544a24cdc3fc2 rubygem-openshift-origin-routing-daemon-0.26.7.4-1.el6op.noarch.rpm MD5: 1a08ee809815b4c0e231a98deec953d0SHA-256: be88d6d1f339675e91ca18087c9af6825afbb26f9abc2570188fb715c83fe57c (The unlinked packages above are only available from the Red Hat Network) 1258033 - Allow the override of pre-defined function for database connections1377433 - haproxy configuration in HA gears sets inconsistent cookie values, breaking session affinity1394328 - [RFE] EWS 2 cartridge should be able to use EWS 3 binaries.1401120 - pip permission error prevents installing on python-2.7 cartridge1401124 - oo-accept-node reports missing quota if filesystem name contains gear uuid1401132 - Moving gears with many aliases causes excessive number of apache reloads These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
The Electronic Frontier Foundation aims to protect Web traffic by encrypting the entire Internet using HTTPS.
Chrome now puts a little warning marker in the Address Bar next to any non-secure HTTP address.
Encryption is important, and not only for Web surfing.
If you encrypt all of the sensitive documents on your desktop or laptop, a hacker or laptop thief won't be able to parley their possession into identity theft, bank account takeover, or worse.
To help you select an encryption product that's right for your computer, we've rounded up a collection of current products.
As we review more products in this area, we'll keep the list up to date.
No Back Doors
When the FBI needed information from the San Bernardino shooter's iPhone, they asked Apple for a back door to get past the encryption.
But no such back door existed, and Apple refused to create one.
The FBI had to hire hackers to get into the phone.
Why wouldn't Apple help? Because the moment a back door or similar hack exists, it becomes a target, a prize for the bad guys.
It will leak sooner or later.
In a talk at Black Hat this past summer, Apple's Ivan Krstic revealed that the company has done something similar in their cryptographic servers. Once the fleet of servers is up and running, they physically destroy the keys that would permit modification.
Apple can't update them, but the bad guys can't get in either.
All of the products in this roundup explicitly state that they have no back door, and that's as it should be.
It does mean that if you encrypt an essential document and then forget the encryption password, you've lost it for good.
Two Main Approaches
Back in the day, if you wanted to keep a document secret you could use a cipher to encrypt it and then burn the original. Or you could lock it up in a safe.
The two main approaches in encryption utilities parallel these options.
One type of product simply processes files and folders, turning them into impenetrable encrypted versions of themselves.
The other creates a virtual disk drive that, when open, acts like any other drive on your system. When you lock the virtual drive, all of the files you put into it are completely inaccessible.
Similar to the virtual drive solution, some products store your encrypted data in the cloud.
This approach requires extreme care, obviously.
Encrypted data in the cloud has a much bigger attack surface than encrypted data on your own PC.
Which is better? It really depends on how you plan to use encryption.
If you're not sure, take advantage of the 30-day free trial offered by each of these products to get a feel for the different options.
Secure Those Originals
After you copy a file into secure storage, or create an encrypted version of it, you absolutely need to wipe the unencrypted original. Just deleting it isn't sufficient, even if you bypass the Recycle Bin, because the data still exists on disk, and data recovery utilities can often get it back.
Some encryption products avoid this problem by encrypting the file in place, literally overwriting it on disk with an encrypted version.
It's more common, though, to offer secure deletion as an option.
If you choose a product that lacks this feature, you should find a free secure deletion tool to use along with it.
Overwriting data before deletion is sufficient to balk software-based recovery tools. Hardware-based forensic recovery works because the magnetic recording of data on a hard drive isn't actually digital.
It's more of a waveform.
In simple terms, the process involves nulling out the known data and reading around the edges of what's left.
If you really think someone (the feds?) might use this technique to recover your incriminating files, you can set your secure deletion tool to make more passes, overwriting the data beyond what even these techniques can recover.
An encryption algorithm is like a black box.
Dump a document, image, or other file into it, and you get back what seems like gibberish. Run that gibberish back through the box, with the same password, and you get back the original.
The U.S. government has settled on Advanced Encryption Standard (AES) as a standard, and all of the products gathered here support AES.
Even those that support other algorithms tend to recommend using AES.
If you're an encryption expert, you may prefer another algorithm, Blowfish, perhaps, or the Soviet government's GOST.
For the average user, however, AES is just fine.
Public Key Cryptography and Sharing
Passwords are important, and you have to keep them secret, right? Well, not when you use Public Key Infrastructure (PKI) cryptography.
With PKI, you get two keys. One is public; you can share it with anyone, register it in a key exchange, tattoo it on your forehead—whatever you like.
The other is private, and should be closely guarded.
If I want to send you a secret document, I simply encrypt it with your public key. When you receive it, your private key decrypts it.
Using this system in reverse, you can create a digital signature that proves your document came from you and hasn't been modified. How? Just encrypt it with your private key.
The fact that your public key decrypts it is all the proof you need. PKI support is less common than support for traditional symmetric algorithms.
If you want to share a file with someone and your encryption tool doesn't support PKI, there are other options for sharing. Many products allow creation of a self-decrypting executable file. You may also find that the recipient can use a free, decryption-only tool.
What's the Best?
Right now there are three Editors' Choice products in the consumer-accessible encryption field.
The first is the easiest to use of the bunch, the next is the most secure, and the third is the most comprehensive.
AxCrypt Premium has a sleek, modern look, and when it's active you'll hardly notice it.
Files in its Secured Folders get encrypted automatically when you sign out, and it's one of the few that support public key cryptography.
CertainSafe Digital Safety Deposit Box goes through a multistage security handshake that authenticates you to the site and authenticates the site to you. Your files are encrypted, split into chunks, and tokenized.
Then each chunk gets stored on a different server.
A hacker who breached one server would get nothing useful.
Folder Lock can either encrypt files or simply lock them so nobody can access them.
It also offers encrypted lockers for secure storage.
Among its many other features are file shredding, free space shredding, secure online backup, and self-decrypting files.
The other products here also have their merits, too, of course. Read the capsules below and then click through to the full reviews to decide which one you'll use to protect your files. Have an opinion on one of the apps reviewed here, or a favorite tool we didn't mention? Let us know in the comments.
FEATURED IN THIS ROUNDUP
Having your laptop stolen is traumatic; having the thief gain access to your sensitive documents could be catastrophic.
To avert the possibility of catastrophe, use an encryption tool to protect your most important files. With Steganos Safe 18, you can create any number of encrypted storage containers.
Steganos combines an impressive variety of security options with an interface that's very easy to use.
Your $39.95 purchase lets you install Steganos Safe on up to five PCs.
This is a one-time cost, which is a common model for encryption tools.
Editors' Choice utility Folder Lock also costs $39.95, and Ranquel Technologies CryptoForge goes for $39.70. You'll pay $45 for Cypherix PC, and $59.95 for CryptoExpert. Note, though, that those are single licenses.
The five-license Steganos package is quite a bargain.
In addition to being available a standalone product, Steganos Safe is an integral part of the full Steganos Privacy Suite.
This suite also includes Steganos Password Manager 18 and a number of other useful tools.
What Is Encryption?
Throughout history, rulers and generals have needed to communicate their plans in secret, and their enemies have devoted great resources to cracking their secret communication systems.
A cipher that simply replaces every letter with a different letter or symbol is easy enough to crack based on letter frequency.
France's Louis XIV used a system called The Great Cipher, which held out for 200 years before anyone cracked it.
Father-son team Antoine and Bonaventure Rossignol conceived the idea of encoding syllables rather than letters, and letting multiple code numbers represent the same syllable.
They also included nulls, numbers that contributed nothing to the cipher.
But even this long-unbroken cipher pales in comparison with modern encryption technology.
Advanced Encryption Standard (AES), the US government's official standard, runs blocks of data through multiple transformations, typically using a 256-bit key.
Bruce Schneier's Blowfish algorithm should be even tougher to crack, as it uses a 448-byte key.
Whatever the size of the key, you must get it to the recipient somehow, and that process is the weakest point in the system.
If your enemy obtains the key, whatever its size, you lose. Public Key Infrastructure (PKI) cryptography has no such weakness.
Each user has two keys, a public key that's visible to anybody and a private key that nobody else has.
If I encrypt a file with your public key, you can decrypt it with the private key.
Conversely, if I encrypt a file with my private key, the fact that you can decrypt it with my public key proves it came from me—a digital signature.
Getting Started with Steganos Safe
The Steganos encryption utility's installation is quick and simple. Once finished, it shows you a simple main window that has two big buttons, one to create a new safe and one to open a hidden safe.
When a safe is open, it looks and acts precisely like a disk drive. You can move files into and out of it, create new documents, edit documents in place, and so on.
But once you close the safe, its contents become totally inaccessible. Nobody can unlock it without the password, not even Steganos.
Like Editors' Choice tools CertainSafe Digital Safety Deposit Box, AxCrypt, and Folder Lock, Steganos uses AES for all encryption. However, it cranks the key size up from the usual 256 bits to 384 bits.
CryptoExpert and CryptoForge offer four different algorithms, and Advanced Encryption Package goes over the top with 17 choices.
Few users have the knowledge to make an informed choice of algorithm, so I see no problem sticking with AES.
Steganos warns if you try to close a safe while you still have files from the safe open for editing.
In addition to the basic safe, Steganos can optionally create portable safes and cloud safes.
I'll cover each safe type separately.
Create a Safe
The process of creating a new safe for storing your sensitive documents is quite simple, with a wizard that walks you through the steps. You start by assigning a name and drive letter to the safe—the program's main window shows you the name.
By default, Steganos creates the file representing your safe in a subfolder of the Documents folder, but you can override that default to put it wherever you want, including on a network drive.
Next, you define the safe's capacity, from a minimum of 2MB to a maximum that depends on your operating system. Unlike Cypherix PE and CryptoExpert, with Steganos the initial capacity doesn't have to be a hard limit. You can create a safe whose size grows dynamically.
Folder Lock works a bit differently. While you must set a maximum size at creation, it only uses as much space as its current content requires.
A newly created Cypherix volume requires formatting. With Steganos, the safe is ready for use immediately.
The next step is to select a password.
If you've created a master password for Steganos Password Manager, the password dialog should look familiar.
Steganos rates password strength as you type.
If you wish, you can define the password by clicking a sequence of pictures rather than typing it in.
There's also an option to enter the password using a virtual keyboard.
Folder Lock and InterCrypto Advanced Encryption Package 2016 also offer a virtual keyboard.
Here's a useful option. You can choose to store the password on a removable drive, making that drive effectively the safe's key.
By default, a safe opened in this way closes automatically when you remove the key.
It's not two-factor authentication, as you can still unlock the safe using just the password, but it's certainly convenient.
In a similar situation, you can configure InterCrypto CryptoExpert 8 to require both the master password and the USB key.
Digging into the program's settings, you can simplify the process by disabling advanced wizard options.
If you do so, Steganos chooses default values for each new safe's drive letter and filename.
There's a special option that only appears for safes smaller than 3MB.
If you've chosen an acceptable size, a link appears explaining how you can create a hidden safe.
Steganos can hide a small-enough safe inside a video, audio, or executable file.
After creating the safe, you click it, choose Hide from the menu, and select a carrier file.
Steganos stuffs the entire safe into the carrier, without affecting the carrier's ability to function as a program or audio/video file.
To open it, you click Open a Hidden Safe on the main window, select the carrier, and enter the password. Just don't forget where you hid the safe.
For additional security, consider creating a portable safe that you only bring out when you need to access it.
The process is similar. You start by selecting the target device, which can be a USB storage device or an optical drive. You define the size and create a password, just as for a regular safe.
But then the process diverges.
Steganos creates and opens what it calls a prepackaging drive, using the drive letter of your choice.
Showing its age, the tool warns that portable safes don't support Windows NT 4.0 or Windows 95/98/Me. You click to open the prepackaging drive and drag the desired files into it. When you click Next, Steganos creates the necessary files on the target device. You're done!
If the size of the portable safe is less than about 512MB, Steganos creates what it calls a SelfSafe by default.
As with the hidden option for regular safes, you won't even see this as a choice if your desired size is too large.
The SelfSafe is a single executable file called SteganosPortableSafe.exe that contains both the necessary decryption code and the data representing the safe's contents. Otherwise, it stores the contents in a folder called Portable_Safe and adds a file called usbstarter.exe.
Either way, launching the file lets you enter the password and open the portable safe.
In testing, I did run into one surprise; a portable safe is not completely portable.
It requires the Steganos encryption engine. You can only open and work with your portable safe on a PC where you've installed the program.
As noted, you can open a portable safe on any PC where you've installed Steganos Safe.
Creating a cloud safe is another way to share your encrypted files between PCs.
Steganos supports the cloud storage services Dropbox, Google Drive, or Microsoft OneDrive. Whichever you choose, you must install that cloud service's desktop app.
The help points out that Google Drive and OneDrive must re-sync the entire safe when there's any change, while DropBox can selectively sync changes only.
My test PC didn't have any of the desktop apps installed, and the cloud safe creation dialog reflected this fact.
For testing purposes, I installed the Dropbox app.
As with a regular safe, you select a name and drive letter and then choose the safe's size.
For a cloud safe, you don't get the option to have the safe expand as needed.
Create your password, wait for the safe's initialization, and you're ready to go.
The safe syncs to the cloud each time you close it, and you can use it on any PC that has both Steganos and the proper cloud app installed.
Click a safe and click Settings to bring up the administration dialog. Here you can change the password, name, and file location for the safe, but that's not all. On the main page of the dialog you can color-code the safe, and choose whether Windows should see it as a local drive or a removable drive. On the Events tab, you can choose whether to open the safe when you log on, and whether to close it on events such as screen saver activation or going into standby.
There's an option to define an action that occurs after the safe opens, and after it closes.
For example, you could configure it to automatically launch a file that resides within the safe after opening it, or automatically make a backup copy after closing it.
Perhaps most interesting is the Safe in a Safe feature.
This defines a separate safe, hidden within the normal safe, occupying a user-defined percentage of available space, and having its own password.
Depending on which password you use to open the safe, you either open the Safe in a Safe, or the original safe that contains it.
Sneaky! But take care.
If you overfill the outer safe, its contents can wipe out the super-secret Safe in a Safe.
It's all well and good to put your most sensitive files into an encrypted safe, but if you leave the unencrypted originals on disk, you haven't accomplished much, security-wise.
Even if you delete the originals, they're not really gone, because their data remains on disk until new data overwrites it.
For true privacy, you must use a secure deletion tool that overwrites file data before deletion, something like this program's file-shredder component.
The easiest way to use the shredder is to right-click a file or folder and choose Destroy from the menu that appears.
Steganos overwrites the file's data once and then deletes it.
This should be sufficient to foil software-based file recovery systems, though it would still be theoretically possible for a hardware-based forensic tool to get back some or all of the data.
Folder Lock, by contrast, lets you choose up to 35 overwrite passes, which is overkill, as there's no added benefit after seven passes.
Launching the full File Shredder from the main window's menu reveals that it does more than just securely delete files.
As with Folder Lock, Steganos can overwrite all the free space on a disk.
Doing so wipes out all traces of previously deleted files, in effect shredding them ex post facto.
This can be a lengthy process, so you may want to use the scheduler to set it for a time when you're not using the computer. You can also schedule daily or weekly free space shredding. Note that if you stop and restart the free space shredding process, it skips quickly past previously shredded areas.
Finally, there's the Complete Shredder nuclear option.
Choose this to completely wipe out all data on a drive, including partition data.
A drive that's been shredded in this way must be formatted before you can do anything with it. Like shredding free space, this process can take quite a while.
By observation, you can't shred the active Windows volume, which makes sense. When I tried, there was no error message, but it did nothing.
Comprehensive Encrypted Storage
Steganos Safe 18 focuses on the singular task of creating encrypted storage containers for your sensitive files, and it does that task very well.
It's easier to use than most of its competitors, and its Safe in Safe and hidden safe options are unique. You can only use its portable safe and cloud safe features on PCs that have the program installed, but your purchase gets you five licenses.
However, Folder Lock does most of what Steganos does, and quite a lot more.
It features include encryption of individual files and folders, secure storage of private data, a history cleaner, and (at an extra cost) secure online backup.
AxCrypt Premium is even easier to use than Steganos, and supports public key cryptography.
And CertainSafe Digital Safety Deposit Box protects your cloud-stored encrypted files against any possibility of a data breach.
These three are our Editors' Choice products for encryption, but Steganos is a worthy contender.
PCMag may earn affiliate commissions from the shopping links included on this page.
These commissions do not affect how we test, rate or review products.
It allows attackers to decrypt encrypted and encrypted data without knowing the relevant key permitting leaking of sensitive data and possible privilege escalation vulnerabilities. Nyffenegger, now with FitBit, says wrote the four hour course part of his Capture-The-Flag badge padding oracles allows adding used to ensure Students will work through padding oracles in a course detailing exploitation of a simulated PHP website which uses Cipher Block Chaining to encrypt user data for authentication. "When an application decrypts encrypted data, it will first decrypt the data, then it will remove the padding.
During the cleanup of the padding, if an invalid padding triggers a detectable behaviour, you have a padding oracle," Nyffenegger says. "The detectable behaviour can be an error, a lack of results, or a slower response. "If you can detect this behaviour, you can decrypt the encrypted data and even re-encrypt the cleartext of your choice." Users can take the in-depth courses offline for free, or pay for the online variant that comes with some extra classes. ® Sponsored: Flash enters the mainstream.
Visit The Register's storage hub
The researchers looked at how well these apps conform to Apple’s App Transport Security (ATS) requirements. ATS was first introduced and was enabled by default in iOS 9.
It forces all apps to communicate with Internet servers using encrypted HTTPS (HTTP over SSL/TLS) connections and ensures that only industry-standard encryption protocols and ciphers without known weaknesses are used.
For example, SSL version 3 is not allowed and neither is the RC4 stream cipher, due to known vulnerabilities. Before ATS, app developers implemented HTTPS using third-party frameworks, but configuring SSL/TLS properly is hard so implementation errors were common.
These weakened the protection that the protocol is supposed to provide against traffic snooping and other man-in-the-middle attacks. Currently iOS provides a method for apps to opt out of ATS entirely or to use it only for specific connections, but Apple wants to change that.
At its Worldwide Developers’ Conference in June, the company announced that it will require all apps published on the App Store to turn on ATS by the end of this year. The requirement won’t be enforced at the OS level, but through the App Store review process. Using some of the ATS exceptions will still be possible, but developers will have to provide a “reasonable justification” for using them if they want their apps to be approved. During their study, the Appthority researchers found that 97 percent of the analyzed apps—193 out of 200—used exceptions and other settings that weakened the default ATS configuration. “Among the top 200 iOS apps that we analyzed, 166 apps (83 percent) bypass at least some ATS requirements by setting ‘NSAllowsArbitraryLoads’ attribute to ‘true’ in their Info.plist files,” the Appthority researchers said in their report. “However, not all of them bypass ATS requirements for all network connections.
For instance, a company can still support ATS requirements for network connections with its domain, while allowing ATS to bypass all other connections.” Among the apps that didn’t use HTTPS for all of their connections were popular ones like Facebook, Twitter, LinkedIn, Facebook Messenger, Skype, Viber, WhatsApp, Fox News, CNN, BBC, Netflix, ESPN, Hulu, Pandora, Amazon Cloud Player, Word, Excel, PowerPoint, and OneNote, but also utility apps like Flashlight, QR code readers and games. While it could be argued that some connections don’t need HTTPS because they aren’t used to transfer sensitive data, the Appthority researchers found 10 applications that did send device IDs, email addresses, physical addresses, zip codes, geolocation information and even passwords or secret keys over unencrypted HTTP links. There are many reasons why developers can’t turn on ATS for all connections and are likely to request ATS exceptions during the app review process.
For example, many apps don’t talk only to their developers’ servers, but also to third-party advertising, market research, analytics and image or video hosting services.
The use of HTTPS on these external services are out of app developers’ control. ATS provides fine-grained exceptions like “NSAllowsArbitraryLoadsInMedia,” which can, for example, be used to allow the streaming of video or audio content over HTTP, while encrypting all other connections. However, based on Appthority’s analysis, it seems that so far developers have preferred using the more generic “NSAllowsArbitraryLoads” which disables ATS for all connections, when dealing with such problems. The company didn’t find any app that used the “NSAllowsArbitraryLoadsInMedia” or the “NSAllowsArbitraryLoadsInWebContent” attributes to limit the scope of ATS exceptions.
It hopes that Apple’s new requirements will change that. Many apps that do use ATS disable some of its security features.
For example, none of the apps analyzed by Appthority used Certificate Transparency, which is available in ATS. Furthermore, seven of them disabled SSL certificate validation and 46 didn’t use certificate pinning.
Thirty-eight apps disabled Forward Secrecy and eight apps set the allowed TLS protocol version to 1.0 or 1.1, even though the secure default in ATS is TLS 1.2. “We still expect iOS apps with unencrypted data in enterprise environments, even after January 1,” the Appthority researchers said. “When Apple approves such apps for the App Store, there will still be the security risks associated with unencrypted data for some connections, so it’s important for enterprises to have visibility into and management of the risks related to apps with those exceptions.”