Lazybit

If you're someone who checks the system logs every now and then, to make sure things are running smooth - you may have noticed some errors related to Private Disk:

The PRVDISKAMD64 service failed to start due to the following error: The system cannot find the file specified.

The program works fine, despite these log entries.  The error is not critical and it has no impact on the program's functionality. But why is it there? And what does it mean?

Private Disk comes with several flavours of drivers - 32-bit and 64-bit. Upon installation, both driver types are registered, but only one of them is successfully loaded by the system.

The other type, which is not compatible with the platform, fails to load - hence the log entry is generated.

In other words, you can simply ignore these notifications.

 

This behaviour will be changed in the next release, so the system won't bother loading modules that are not designed for it. Until then, here is a simple solution:

1. download Autoruns from Sysinternals
2. run the program and switch to the Drivers tab
3. find the drivers the pubisher of which is Dekart
4. uncheck the versions that do not correspond to your system
5. the new settings will come into effect after a restart

On choosing the entries:

• if you have a 32-bit (x86) system, disable the ones ending with "amd64"
• for 64-bit platforms, disable the other ones (as in the example below)

What the modules mean:

• pdfilter - Disk Firewall, the application-layer access filter;
• prvdisk - virtual disk driver (the thing that makes the encrypted drive show up in My computer as a regular disk);
• prjndl - the disk encryption driver that implements AES-256 in CBC mode, our NIST-certified implementation of it.

This beta is now obsolete, go for the release version instead.

An updated version of the upcoming Keeper 4 is now available: http://files.dekart.com/beta/Keeper4-starscape.zip

It is a more polished version of the previous release, described here.

Note: The download link is obsolete, copy the final release version instead

A new version of Secrets Keeper is about to be released. It will be called Keeper. You can download a preview from this address: http://files.dekart.com/beta/Keeper-nohands.zip

An installer is not yet available, but we're working on it. At this point just unzip it. Run the included BAT file to enable the integration into MS Office and Windows Explorer.

Of course, no story is complete without screenshots, so here we go (screenshots are clickable):

Keeper's main window, nothing special in it, but notice that the main menu is not shown by default.

The key management window enables you to manage the passwords and contacts stored on your keys. Keeper will generate passwords for you, as well as evaluate their strength. You can have an unlimited number of groups and contacts in each group.

The email addresses will be used when you click the "encrypt and email" option.

The file encryption dialog. You can choose whether you wish to use a password from a key connected to the system (otherwise type it by hand). If you use a password from the key, you can choose which group to encrypt the data for.

• You can create self-extracting archives, so people who don't have Keeper on their computers can still decrypt the files you sent them (if they know the right password, of course);
• You can wipe the original files, to make sure they cannot be recovered using forensic methods. This is handy if you're encrypting your po world domination plans;
• Encrypt and email will automatically start the default mail client and create a new message, with the encrypted file attached to it.

The settings window looks like any other settings window.

Note that the update checking feature does not work yet, therefore if you wish to track Keeper's progress, check this page every now and then.

 

Keeper integrates itself into the Microsoft Office suite, enabling you to encrypt files or decrypt them from within Word, or other programs from Office.

Keeper 4 also integrates itself into the context (right-click) menu of Windows Explorer. This gives you quick access to features such as:

• File wiping - remove sensitive data without leaving a trace
• Encrypt
• Encrypt and email

If you right-click an encrypted archive, you will see options such as:

• Decrypt...
• Decrypt here
• Decrypt to <name of file>
• Decrypt each archive into separate directory (when selecting multiple archives)
• Decrypt each archive into separate directory and make me a cup of tea

As you can see, Keeper 4 is a huge step forward from Secrets Keeper 3.5. The new version is prettier, it provides an excellent user experience, and it will run on platforms other than Windows ;-)

So, you and your employer are not on good terms anymore and you think it is payback time? Here is a beginner's guide to expressing disagreement.

Disclaimer: the article does not focus on the moral and legal side of the issue, the focus is purely technical.

Note: a complementary article for employers will follow shortly, but if you're sharp enough you can derive the protection methods from this information.

The options are different, but if you're in the IT industry, the common choices are:

• change all the passwords and do not disclose them;
• delete all the data;
• encrypt all the data;
• apply subtle changes to the systems configurations, so that they seem to be working right, but somewhere deep inside a problem is waiting to happen;
• share private data with your employer's worst enemy.

Change all the passwords

It is a matter of time before they find a new person who knows how to apply the password reset procedure - most (if not all) systems have one. Sometimes it is as easy as reading the manual (which they should've told you to write in the first place) and following the instructions.

As an IT expert, you are aware of the fact that if someone has full physical access to a system - they can override pretty much every security measure.

Cons:

• it is a matter of time before they reclaim access to the resources. Since the bridges are already burnt down - your image suffers badly, your future employment opportunities are quite shady. You gained nothing.

Pros:

• easy to implement;
• it is more difficult and time consuming to get past this if there are remote resources (ex: servers) controlled by other companies, in other timezones;
• once they get everything back and sue you, you can say "I didn't want it to be serious, so I chose this trivial method" [then pray they'll buy that].

 

Delete all the data

This is a better approach, because in this case there is nothing to recover. They can have the passwords for every server, the key for every door - but there is nothing to be found behind any of the doors.

Cons:

• there are backups, you'll have to delete those too, thus there is more work to be done;
• there are data recovery techniques, you'll have to make sure they won't work
  • destroy the data (crash the hard disks; burn the DVDs, literally);
  • wipe the data - wiping is the process of deleting data, then overwriting it with other data, to prevent recovery software from being able to retrieve the original files. In spite of the belief that you need multiple overwrite-passes to make a file impossible to recover - even one pass is good enough.

Pros:

• the more time passes since the files were deleted, the more difficult it is to recover them. The employer will feel a lot of pressure because they have to do everything fast, or they'll have to disrupt the service for a while. This should make it evident for them that they should've given you the raise you asked for, it would've cost them less;
• if you were unprofessional enough to not make those regular backups, the employer will understand that they made more mistakes than they originally thought, one of them was that of employing you in the first place.

 

Encrypt all the data

This is an extension of the previous method, and it is psychologically more aggressive, because this time they know they have the files, and "all they need" is the password. This gives them the false feeling that they're almost there.

Cons:

• encrypting data takes time, especially if there are large amounts of it;
• you may be foolish enough to use an encryption program that has backdoors in it - which makes your effort useless;
• the employer may have keyloggers installed on your systems, thus they will be able to find the password - rendering the exercise useless again;
• if you use a weak password - they can guess it or brute-force it.

Pros:

• the method is meaner than simply deleting the data;
• even if they have full physical access to the system - it does not help them;
• if you are sure that you are using the best encryption program that does not have any backdoors and employs the best encryption algorithm, you're safe;
• if you use a smart card to encrypt the data, any brute-force or dictionary attack attempts will be futile.

 

Apply subtle changes to the systems configurations, etc.

If you need an example of this, remember the movie "Office space" to get an idea about how this is done.

Cons:

• they won't know you've had them, because these backdoors are so subtle - thus you lose some of the moral satisfaction;

Pros:

• when the new guy shows up, it may take a long time until the flaws are revealed (especially if you were insightful and weren't kind enough to document what you were working on, making it difficult to understand the system you left behind);
• you can exploit these flaws for many years, and perhaps get some benefits out of it. If you're not greedy and keep everything below the radar, you may never get caught.

 

Share corporate secrets with the competition

If you are not bound by an NDA, they won't be able to use this against you.

Cons:

• if you don't keep this low profile, future employers won't be able to trust you, and your career may not get far from where you're standing.

Pros:

• if there were no NDAs, technically you succeeded in making them suffer without breaking the law.

 

Final thoughts

All the methods above have one thing in common - you'll have to pay for it sooner or later, and there is no approach that enables you to get away scot-free.

I do not encourage employees to cheat their employers (and vice-versa), I consider that a direct dialogue is the best way to solve a problem, as well as to prevent it from happening in the first place. This article must not to be used as legal advice.

A new release is going to be made public in the nearest future - Private Disk 2.11 is here. This version brings us one step closer to Private Disk 3.0, adding some new features.

Private Disk Explorer is the major new feature of this release - it enables you to access your encrypted disks even on systems where you don't have administrator privileges.

Yes, that's right! Private Disk is the first program of its kind that can run on any computer, in any circumstances; from Windows 9x to Vista and the not-yet-official Seven - your encrypted files are at your fingertips.

 

You will be able to explore NTFS and FAT32 images, regardless of their size, having the possibility to add new files to an image, remove existing ones or replace them with updated versions.

From now on Private Disk is unarguably the best option for those who need rock-solid encryption and mobility.

Other changes include:

• faster start-up times - the 2.10 had a noticeable delay in its start up time, caused by the run as a service mode. This problem has been addressed, and now Private Disk is as quick as snappy as it used to be in the old days.
• improved Disk Firewall mechanism - Disk Firewall is another unique feature of Private Disk, we continue to tweak it and bring it closer to perfection, and to what it will become in the 3.0 version of Private Disk. In the 2.11 release the Disk Firewall is quicker and more stable.
• better portability support - in 2.10 we added a feature that created encrypted key backups automatically when the image was mounted; this feature is a great idea, but it lead to errors in cases when the image was stored on read-only media, thus making it impossible to write the backup somewhere. This problem has been fixed now.

Overall Private Disk became more polished and more reliable. Currently only the English and the Russian versions are available, other language versions will follow shortly.

PD Explorer is a free tool that enables you to explore Private Disk encrypted images even in the cases when Private Disk is not installed on the computer, even if you don't have administrative privileges.

You can view the contents of the encrypted disk, write or remove files from it - as you can normally do with an archive such as a ZIP file.

It is extremely simple in use, making it easy to add new files to the encrypted vault, delete or update existing files.

PD Explorer is compatible with NTFS images of any size, there are no file size restrictions, nor are there limitations about the maximum number of files that can be processed.

PD Explorer is a available for free, you can download it right now.

Voyager is a bundle that includes a portable email client, and Private Disk. The latter is used to encrypt the email archive, to make sure no one can read your messages if you lose the disk, or if it ends up being stolen. Ther are two flavours of Voyager, the 256 MB one and the 2 GB one; no matter which one you have, sooner or later you will need more space. That can be done easily by migrating your email archive to a bigger removable disk.

1. It is assumed that both USB flash disks are ready; the original one is E:, and the new one is F:
2. Start Private Disk
3. Do not mount your image, instead go to Recovery and press Backup, to create a "compressed, encrypted, password protected backup copy of the Private Disk"
4. Choose a backup file and an encryption password (this password can be, and should be different from the password of the original image; although nothing will break if you use the same password)
5. Create a new encrypted disk, it should be located in F:\image.dpd
6. • Naturally, the new image must be larger than the original one, so that there is plenty of room for new emails
   • The new image should not occupy the flash disk entirely, leave at least 10 MB of space for other data
7. Go back to the Recovery tab and press Restore to "restore the data from a previously made copy of the Private Disk"
8. Select the destination image (F:\image.dpd) and enter the password
9. Choose the backup file made at step #4 and enter its password
10. After the process is done, copy all the files and directories (except image.dpd) from E: to F:

If you did everything correctly, you will see the following in F:

• PD, directory
• autorun.inf
• RunMe.exe
• image.dpd

Done! You will probably want to go through an additional step, and customize these settings of the encrypted image:

• Autorun, to launch Z:\Voyager\Voyager.exe automatically
• Autofinish, to run Z:\Voyager\tbExit.exe automatically when the disk is dismounted
• Disk Firewal - enable it and add the trusted applications (if any) to the white list. Remember that every program inside the virtual disk is trusted by default