Tags: security

Keeper 4.0 preview

Note: The download link is obsolete; copy the final release version instead.

A new version of Secrets Keeper is about to be released. It will be called Keeper. You can download a preview from this address: http://files.dekart.com/beta/Keeper-nohands.zip

An installer is not yet available, but we're working on it. At this point just unzip it. Run the included BAT file to enable the integration into MS Office and Windows Explorer.

Of course, no story is complete without screenshots, so here we go (screenshots are clickable):

Keeper's main window

Keeper's main window, nothing special in it, but notice that the main menu is not shown by default.

Keeper 4 key management

The key management window enables you to manage the passwords and contacts stored on your keys. Keeper will generate passwords for you, as well as evaluate their strength. You can have an unlimited number of groups and contacts in each group.

The email addresses will be used when you click the "encrypt and email" option.

Keeper 4 encrypt files

The file encryption dialog. You can choose whether you wish to use a password from a key connected to the system (otherwise type it by hand). If you use a password from the key, you can choose which group to encrypt the data for.

  • You can create self-extracting archives, so people who don't have Keeper on their computers can still decrypt the files you sent them (if they know the right password, of course);
  • You can wipe the original files, to make sure they cannot be recovered using forensic methods. This is handy if you're encrypting your world domination plans;
  • Encrypt and email will automatically start the default mail client and create a new message, with the encrypted file attached to it.

Keeper 4 settings

The settings window looks like any other settings window.

Note that the update checking feature does not work yet, therefore if you wish to track Keeper's progress, check this page every now and then.

 

Keeper 4 Microsoft Office integration

Keeper integrates itself into the Microsoft Office suite, enabling you to encrypt files or decrypt them from within Word, or other programs from Office.

Keeper 4 Windows Explorer integration

Keeper 4 also integrates itself into the context (right-click) menu of Windows Explorer. This gives you quick access to features such as:

  • File wiping - remove sensitive data without leaving a trace
  • Encrypt
  • Encrypt and email

If you right-click an encrypted archive, you will see options such as:

  • Decrypt...
  • Decrypt here
  • Decrypt to <name of file>
  • Decrypt each archive into separate directory (when selecting multiple archives)
  • Decrypt each archive into separate directory and make me a cup of tea

As you can see, Keeper 4 is a huge step forward from Secrets Keeper 3.5. The new version is prettier, it provides an excellent user experience, and it will run on platforms other than Windows ;-)


If I were a disgruntled employee

So, you and your employer are not on good terms anymore and you think it is payback time? Here is a beginner's guide to expressing disagreement.

Disclaimer: the article does not focus on the moral and legal side of the issue, the focus is purely technical.

Note: a complementary article for employers will follow shortly, but if you're sharp enough you can derive the protection methods from this information.

The options are different, but if you're in the IT industry, the common choices are:

  • change all the passwords and do not disclose them;
  • delete all the data;
  • encrypt all the data;
  • apply subtle changes to the systems configurations, so that they seem to be working right, but somewhere deep inside a problem is waiting to happen;
  • share private data with your employer's worst enemy.

Change all the passwords

It is a matter of time before they find a new person who knows how to apply the password reset procedure - most (if not all) systems have one. Sometimes it is as easy as reading the manual (which they should've told you to write in the first place) and following the instructions.

As an IT expert, you are aware of the fact that if someone has full physical access to a system - they can override pretty much every security measure.

Cons:

  • it is a matter of time before they reclaim access to the resources. Since the bridges are already burnt down - your image suffers badly, your future employment opportunities are quite shady. You gained nothing.

Pros:

  • easy to implement;
  • it is more difficult and time consuming to get past this if there are remote resources (e.g. servers) controlled by other companies, in other timezones;
  • once they get everything back and sue you, you can say "I didn't want it to be serious, so I chose this trivial method" [then pray they'll buy that].

 

Delete all the data

This is a better approach, because in this case there is nothing to recover. They can have the passwords for every server, the key for every door - but there is nothing to be found behind any of the doors.

Cons:

  • there are backups, you'll have to delete those too, thus there is more work to be done;
  • there are data recovery techniques, you'll have to make sure they won't work
    • destroy the data (crash the hard disks; burn the DVDs, literally);
    • wipe the data - wiping is the process of deleting data, then overwriting it with other data, to prevent recovery software from being able to retrieve the original files. In spite of the belief that you need multiple overwrite-passes to make a file impossible to recover - even one pass is good enough.

Pros:

  • the more time passes since the files were deleted, the more difficult it is to recover them. The employer will feel a lot of pressure because they have to do everything fast, or they'll have to disrupt the service for a while. This should make it evident for them that they should've given you the raise you asked for, it would've cost them less;
  • if you were unprofessional enough to not make those regular backups, the employer will understand that they made more mistakes than they originally thought, one of them was that of employing you in the first place.

 

Encrypt all the data

This is an extension of the previous method, and it is psychologically more aggressive, because this time they know they have the files, and "all they need" is the password. This gives them the false feeling that they're almost there.

Cons:

  • encrypting data takes time, especially if there are large amounts of it;
  • you may be foolish enough to use an encryption program that has backdoors in it - which makes your effort useless;
  • the employer may have keyloggers installed on your systems, thus they will be able to find the password - rendering the exercise useless again;
  • if you use a weak password - they can guess it or brute-force it.

Pros:

  • the method is meaner than simply deleting the data;
  • even if they have full physical access to the system - it does not help them;
  • if you are sure that you are using the best encryption program that does not have any backdoors and employs the best encryption algorithm, you're safe;
  • if you use a smart card to encrypt the data, any brute-force or dictionary attack attempts will be futile.

 

Apply subtle changes to the systems configurations, etc.

If you need an example of this, remember the movie "Office space" to get an idea about how this is done.

Cons:

  • they won't know you've had them, because these backdoors are so subtle - thus you lose some of the moral satisfaction;

Pros:

  • when the new guy shows up, it may take a long time until the flaws are revealed (especially if you were insightful and weren't kind enough to document what you were working on, making it difficult to understand the system you left behind);
  • you can exploit these flaws for many years, and perhaps get some benefits out of it. If you're not greedy and keep everything below the radar, you may never get caught.

 

Share corporate secrets with the competition

If you are not bound by an NDA, they won't be able to use this against you.

Cons:

  • if you don't keep this low profile, future employers won't be able to trust you, and your career may not get far from where you're standing.

Pros:

  • if there were no NDAs, technically you succeeded in making them suffer without breaking the law.

 

Final thoughts

All the methods above have one thing in common - you'll have to pay for it sooner or later, and there is no approach that enables you to get away scot-free.

I do not encourage employees to cheat their employers (and vice-versa); I consider that a direct dialogue is the best way to solve a problem, as well as to prevent it from happening in the first place. This article must not be used as legal advice.


Private Disk 2.11 release notes

A new release is going to be made public in the near future - Private Disk 2.11 is here. This version brings us one step closer to Private Disk 3.0, adding some new features.

Private Disk Explorer is the major new feature of this release - it enables you to access your encrypted disks even on systems where you don't have administrator privileges.

Yes, that's right! Private Disk is the first program of its kind that can run on any computer, in any circumstances; from Windows 9x to Vista and the not-yet-official Seven - your encrypted files are at your fingertips.

Private Disk Explorer

 

You will be able to explore NTFS and FAT32 images, regardless of their size, having the possibility to add new files to an image, remove existing ones or replace them with updated versions.

From now on Private Disk is unarguably the best option for those who need rock-solid encryption and mobility.

Other changes include:

  • faster start-up times - version 2.10 had a noticeable delay in its start-up time, caused by the run-as-a-service mode. This problem has been addressed, and now Private Disk is as quick and snappy as it used to be in the old days.
  • improved Disk Firewall mechanism - Disk Firewall is another unique feature of Private Disk; we continue to tweak it and bring it closer to perfection, and to what it will become in the 3.0 version of Private Disk. In the 2.11 release the Disk Firewall is quicker and more stable.
  • better portability support - in 2.10 we added a feature that created encrypted key backups automatically when the image was mounted; this feature is a great idea, but it led to errors in cases when the image was stored on read-only media, thus making it impossible to write the backup somewhere. This problem has been fixed now.

Overall Private Disk became more polished and more reliable. Currently only the English and the Russian versions are available, other language versions will follow shortly.


Protecting from cold reboot attacks on disk encryption

If you watch the evolution of security systems, you are probably aware of the study that explains and demonstrates how private data can be extracted from the system's memory, by forcing a reboot or extracting the RAM modules.

This is intriguing research, because it shows how far a sophisticated attacker can get. What makes this even more interesting is the fact that there is empirical evidence that shows that it works not only on paper.

Like other encryption programs, Private Disk is permanently decrypting and encrypting some data whenever files on the virtual disk are read or written. Naturally, the keys must be somewhere in the system's memory, therefore our software can become the target of such an attack.

Why should I not worry about this?

Although the attack can have practical results, there are things that can be done about it.

Imagine that you are an attacker that stumbled upon a computer with valuable data protected by Private Disk. If the keys are in memory, it means that the encrypted disk is mounted - and if so, why not just copy the data from it while no one's watching?

Why is it easier to disassemble a computer in order to make the RAM modules easily accessible, then take the memory out and connect it to another computer? When you're done - you'll put the RAM back but the system will be shut down, so the owner will figure out that something is fishy when they return.

Why is it easier to force a system reboot, configure the BIOS to boot from an external device, then dump the contents of the RAM to the external device for future analysis? As in the previous case, the system will be in a different state when the owner returns, so they will realize that an attack has just occurred.

Besides, there are many things that have to be taken into account, and the attacker can only hope that luck will be on their side; for instance:

  • is there a guarantee that upon a system reset, there will be no password prompt when entering the BIOS settings?
  • what makes the attacker sure that the BIOS is configured to allow booting from any external device?
  • why would it be easy for someone to disassemble a computer and take the RAM out (or reset the BIOS settings)?

Of course, all of these problems have solutions: disassembling a system can be done very quickly if you're good at it, and resetting the BIOS settings is a matter of time. But all of this is only useful in one condition - the computer that was left unattended contains a virtual disk in a mounted state.

This is what brings us to the solution, which is just a set of best practices that have been well known for a long time; as you go through each item, ask yourself "which of these am I hearing for the first time?".

End users

  • Password protect the BIOS;
  • Don't allow the system to be booted up from anything other than the internal drive (no external devices, CDs, or network booting);
  • Dismount your encrypted disks if they are not in use;
  • Turn the computer off when it is not in use for a long time (cut your electricity bill, save your planet).

Company owners, administrators, and leaders of the IT department

  • Do not allow full physical access to corporate workstations;
  • Make sure that every employee understands that a stranger walking around with a canister of liquid nitrogen (to cool down the extracted RAM modules to keep their contents intact longer) is not a common phenomenon, and this should be reported immediately;
  • Make it impossible for a stranger to enter the office when no one is around;
  • Use surveillance equipment to monitor remote locations (this implies that the sly attacker managed to get past the guards who found nothing suspicious about a "smoking" canister of liquid nitrogen in the hands of a stranger who visits the office past working hours and ends up doing something in the server room after unlocking multiple doors with the power of thought).

Developers

  • Do not keep the keys in memory when you don't need them; overwrite the memory with some other data as soon as the keys are no longer required.
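One way to follow the developer advice above, as an added example rather than Private Disk's own code: the key is wiped on dismount and before the machine locks or hibernates, and the wipe goes through a volatile pointer so the compiler cannot drop it. `struct volume`, the event names and all function names are hypothetical, and the key bytes are a constructed sample.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define KEY_LEN 32

/* Hypothetical in-memory state of one mounted encrypted volume. */
struct volume {
    unsigned char key[KEY_LEN];
    int mounted;
};

/* Zero a buffer through a volatile pointer. A plain memset() on memory
 * that is never read again is a dead store the optimizer may delete. */
void secure_wipe(void *buf, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)buf;
    while (len--)
        *p++ = 0;
}

/* Take ownership of the key: copy it in, then wipe the caller's staging
 * buffer so that only one copy remains in memory. */
void volume_mount(struct volume *v, unsigned char staging[KEY_LEN])
{
    memcpy(v->key, staging, KEY_LEN);
    secure_wipe(staging, KEY_LEN);
    v->mounted = 1;
}

/* Dismount: the key is no longer required, so overwrite it at once. */
void volume_dismount(struct volume *v)
{
    secure_wipe(v->key, KEY_LEN);
    v->mounted = 0;
}

/* Events after which the machine may be left unattended. */
enum power_event { EV_RESUME, EV_LOCK, EV_HIBERNATE };

/* Drop the key before the machine locks or hibernates.
 * Returns 1 if a key was wiped, 0 if there was nothing to do. */
int on_power_event(struct volume *v, enum power_event ev)
{
    if ((ev == EV_LOCK || ev == EV_HIBERNATE) && v->mounted) {
        volume_dismount(v);
        return 1;
    }
    return 0;
}

/* Returns 1 when every byte of buf is zero. */
int all_zero(const unsigned char *buf, size_t len)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= buf[i];
    return acc == 0;
}

int main(void)
{
    unsigned char staging[KEY_LEN];
    struct volume v = {0};

    memset(staging, 0xA5, KEY_LEN);   /* constructed sample key */
    volume_mount(&v, staging);
    printf("staging wiped after mount: %d\n", all_zero(staging, KEY_LEN));
    printf("key wiped on hibernate:    %d\n",
           on_power_event(&v, EV_HIBERNATE) && all_zero(v.key, KEY_LEN));
    return 0;
}
```

Where the platform offers one, `explicit_bzero`, `memset_s` or `SecureZeroMemory` does the same job as `secure_wipe`. Wiping only removes keys that are no longer needed; while a volume is mounted its key is necessarily in RAM.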

 

As you can see, none of the above is new. Of course, this does not mean that the new attack method is useless, but it makes it clear that simple measures can be taken in order to protect your assets. Moreover, all these measures are either free (features such as "disconnect encrypted disks when the system hibernates" in Private Disk, or "Automatic lockdown" in Password Carrier have been there for ages), or are already in place (guards, locks, security cameras, etc).

Finally, I must point out that I can hardly imagine a thief who prefers to try this new high-tech wizardry, when it is known that the encrypted disk is already mounted, so all that has to be done is simply copy the data and walk away (which is obviously the path of least resistance).

Summary - the end of the world is postponed yet another time, and you can protect yourself by following a short list of best practices. How is this news?

Make IT secure!


Why I don't use an antivirus

Many years ago I decided I was not going to use an antivirus for my computer. My friends and colleagues find this unbelievable, but they are more surprised when I tell them that throughout the years this decision never came back to haunt me.

The #1 reason was to get rid of the performance penalties that are an obvious consequence of an antivirus that runs in the background and checks all the files that are being accessed. The second reason was that [at that time] I did not have a permanent Internet connection, so I was always sure that I never had the most recent updates. In other words, I was aware of the fact that my antivirus would probably miss a threat or two. In those circumstances it was obvious that

  • I have to live with permanent performance issues;
  • And in spite of that, there is a great chance I'll get infected anyway.

Naturally, I decided to remove the antivirus. This sounds like a crazy decision, but it is not, if you analyze the problem. Think about the sources from which viruses come:

  • Emails with attachments
  • Things you copy from CDs, DVDs or USB flash drives when you exchange data with friends
  • Files downloaded from Internet sites
  • Source-X (you'll find out below)

Now, let's deal with each item:

Email - this is not a real threat, as long as you follow some basic rules:

  • Don't run programs that came in attachments;
  • If the attachment comes from a trusted person, either ask them if they really sent that file, or simply ignore the email because (see below)
  • Normally people don't send programs (EXE files) via email. Usually we exchange photos, documents, movies... why would we suddenly change the pattern and send a program?

Files copied from various media - the same logic applies: photos, movies and texts are not executable files, hence they pose no harm. If the CD or DVD is from a store, then we can trust the vendor made sure there are no infected files there. If it comes from an unreliable source, then try to obtain the same file from a trusted one.

Files downloaded from various web-sites are the ones more likely to be harmful, especially if they come from P2P networks like eDonkey or Kazaa. As in the previous case, you are pretty safe if you ignore EXE files and only use the .mp3 or .avi ones - they are not executable programs, so they can't cause trouble. (Note, if you're the "download stuff off P2P networks" type, you might find PD FileMove useful)

As you can see above, most of the time you can get away with simply taking a look at the type of the file and making sure it is not an EXE. An antivirus is not needed for that; all you need is to think for a second before double-clicking a file.
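The "is it an EXE?" check can be done on more than the visible name, since Explorer may hide the last extension and executable content can carry an unfamiliar one. The following added example (not from the original post) looks at the final extension and at the file's first bytes for the Windows PE signature; the extension list, function names and sample buffers are assumptions constructed for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum verdict { V_DATA, V_EXEC_BY_NAME, V_EXEC_BY_CONTENT };

/* Case-insensitive string equality. */
static int eq_nocase(const char *a, const char *b)
{
    while (*a && *b)
        if (tolower((unsigned char)*a++) != tolower((unsigned char)*b++))
            return 0;
    return *a == *b;
}

/* Only the LAST extension counts: "holiday.jpg.exe" is an EXE. */
int has_exec_extension(const char *name)
{
    static const char *exts[] = { "exe", "scr", "com", "pif", "bat", "cmd" };
    const char *dot = strrchr(name, '.');
    if (!dot)
        return 0;
    for (size_t i = 0; i < sizeof exts / sizeof exts[0]; i++)
        if (eq_nocase(dot + 1, exts[i]))
            return 1;
    return 0;
}

/* Windows PE image: "MZ" at offset 0, and the 32-bit little-endian
 * value at 0x3C points to the "PE\0\0" signature. */
int looks_like_pe(const unsigned char *buf, size_t len)
{
    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z')
        return 0;
    size_t off = (size_t)buf[0x3C] | (size_t)buf[0x3D] << 8 |
                 (size_t)buf[0x3E] << 16 | (size_t)buf[0x3F] << 24;
    if (off > len || len - off < 4)   /* signature must fit in the buffer */
        return 0;
    return memcmp(buf + off, "PE\0\0", 4) == 0;
}

/* Name first, then content: a PE image under a harmless-looking name
 * is reported separately so the mismatch is visible. */
enum verdict classify(const char *name, const unsigned char *head, size_t len)
{
    if (has_exec_extension(name))
        return V_EXEC_BY_NAME;
    if (looks_like_pe(head, len))
        return V_EXEC_BY_CONTENT;
    return V_DATA;
}

/* Constructed sample: the smallest header that passes looks_like_pe(). */
size_t make_sample_pe(unsigned char *buf, size_t cap)
{
    if (cap < 0x44)
        return 0;
    memset(buf, 0, 0x44);
    buf[0] = 'M'; buf[1] = 'Z';
    buf[0x3C] = 0x40;                 /* e_lfanew -> offset 0x40 */
    memcpy(buf + 0x40, "PE\0\0", 4);
    return 0x44;
}

int main(void)
{
    unsigned char pe[0x44];
    const unsigned char mp3[] = "ID3 constructed sample, not real audio";
    size_t n = make_sample_pe(pe, sizeof pe);
    printf("holiday.jpg.exe -> %d\n", classify("holiday.jpg.exe", mp3, sizeof mp3));
    printf("song.mp3 (PE)   -> %d\n", classify("song.mp3", pe, n));
    printf("song.mp3 (ID3)  -> %d\n", classify("song.mp3", mp3, sizeof mp3));
    return 0;
}
```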

Now, what if you received a file from a friend, and they confirmed they really sent it, so it's supposed to be safe... but your defensive instincts tell you that the file might be harmful, what then? The solution is to use an antivirus which is not resident, i.e. it does not permanently reside in the computer's memory and you only use it when you think you need it.

I do have an antivirus on my computer, a free program called ClamWin. If my "psychic virus detection" skills are not convincing enough, I can right-click the suspect file and scan it:

clamwin-scan

Knowing that I can do this, gives me the psychological comfort of feeling protected. But here's the funny thing - in no less than 5 years of not using an antivirus, I used this option no more than 10 times. Each time I used it, the antivirus confirmed that the suspect file was indeed malicious - but I was able to determine that myself just by analyzing the file (its name, extension, size, the date it was created).

In other words, I have empirical evidence that life without an antivirus is not only possible, but also very successful. Of course, this requires rather advanced computer-oriented thinking (not everyone can guess that a file is a spyware program just by looking at it), but even this has a simple solution - don't mess with unknown EXEcutable files.

This story would be incomplete, and misleading, if I didn't mention that I am using a firewall, and I am pretty sure that my firewall is the second most important layer of defense (the first one being my intuition; the term 'intuition' is not very good, but discussing its appropriateness is beyond the scope of this story).

This occurred to me in the days of MSBlast, when many people suddenly found themselves with a "System is shutting down in X seconds" message on the screen. That's when I learned that threats don't necessarily come in the form of an EXE file which I must run; an unprotected system with known vulnerabilities can easily become the target of an attack. Afterwards files can be run on the system without my permission, so I can get infected. The obvious conclusion is that there is another source of threats - network connections (this is what "Source-X" referred to). And the other obvious conclusion is that I needed a firewall. Nowadays Windows comes with a built-in firewall, so we've got this attack vector taken care of. Note that this firewall does not monitor outbound connections, and is not very flexible, but choosing a perfect firewall is beyond the scope of this story.

Finally, there is another layer of defense, the one which never fails, the one that gives me the greatest psychological comfort (i.e. if everything else lets me down, I can be 100% sure I am not totally lost). What I'm talking about is Disk Firewall. The defensive strategy is simple and very easy to implement:

  1. Separate system files from your personal files (see the 4th message in the forum thread);
  2. Store your personal data in a virtual encrypted disk, restricting access to the data using Disk Firewall and a list of trusted applications.

In this case, even if your system was compromised, you can be sure that your data are absolutely intact. Moreover, if you've implemented the 'separate system from personal data' approach - restoring your system to a stable state is "one-two-threasy" :-)

Conclusions

  • Life without an antivirus is possible;
  • Most of the security threats can be dealt with by simply being attentive to details;
  • If you insist on having an antivirus (which you will rarely use), why pay when there is a free alternative?
  • If your antivirus program comes with a built-in firewall, perhaps you can make your system faster by leaving only the firewall enabled, disabling the resident scanner and manually scanning files that you think are suspect;

Secondary conclusions

  • I save money because I don't pay for an antivirus, nor do I pay for updates;
  • I never complain about my system being painfully slow (unlike some of my colleagues, who are so well-protected that they can't even use their computers for any real-world tasks, other than watching progress bars ;-)

ACS ACOS5 cards compatibility

Last week we released an update of the SmartKey library; one of the additions is compatibility with ACOS5 cards provided by ACS. Now these cards can be used with any of our data encryption or user authentication software, provided the cards were formatted with this version of the Key Formatting Tool. The tool is not yet officially released, because other features are being added; however, ACOS5 support is now thoroughly tested.

  • The capacity of the card after formatting is about 30 K;
  • Dekart formatting can be done before and after formatting with another vendor's tool, therefore the card can be used for other, non-Dekart programs too;
  • No transport key is required when the card is formatted.

To find out what SmartKey is, take a look at the timeline of Dekart software; you might also be interested in checking out the list of other supported hardware.


How to secure my router or ADSL modem?

Sometimes we ignore little details, which is a bad thing - because others can use our negligence against us. Most routers and ADSL modems come with a web interface that is used to control and configure the device. The administration panel is accessed with a web browser, and it provides access to data such as:

  • your user name and password
  • a log that shows which sites are visited, which network hosts are connected to the router
  • port forwarding rules
  • etc

There are two things that have to be done if such a device is used in your household:

Full story »

