[Security Spotlight] The worst idea in a brave new world: The all-new Boxcryptor 2.0

Some things make life easier. Think about your data, and the way you used to share it. USB sticks, DVDs, CD-ROMs, hard disks: all a thing of the past. Many people use services like Dropbox, Google Drive, Box and similar as part of their daily routine. Some of them did not think about data security and just dropped everything into the cloud: from bank data to keys and passwords and such... Others did think about those problems and tried to secure their important files by means of encryption tools like TrueCrypt. But that came at a cost: loss of usability. You just cannot open a file on your Android smartphone on the fly. And occasionally, the TrueCrypt drive would somehow be uploaded to Dropbox a second time as a copy. Really nasty.

But then, Secomba came up with their product: BoxCryptor. A neat little piece of software that mounts a "Cloud Folder" as a local hard drive and encrypts and decrypts files on the fly while you access them via that local mount. Secomba was not reinventing the wheel at that time; they were just using EncFS, already known in the Unix world. And that was really good, as you could use the BoxCryptor files on Unix by means of EncFS. The apps developed for iPhone, Android and the Chrome browser worked perfectly. All in all: I would recommend these tools and am using them on a daily basis. And I would recommend the same to you.

BUT:

Use the old, deprecated BoxCryptor CLASSIC stuff.

Huh? Yeah! You read that right. Use old, deprecated, soon-to-be stuff. Or use the new BoxCryptor without the cool features... OK. Well, I should explain why I distrust Secomba, the corporation which earned awards from Golem, heise, Forbes, c't and so on and on: Secomba, like every corporation, tries to make a living from their software, and that is absolutely fine with me. Secomba created BoxCryptor anew, labelling the "old" version BoxCryptor Classic and building the new one with corporations and secure file sharing, i.e. teamwork, in mind. And by doing that, they had to introduce a new feature: centralized storage of your BoxCryptor keys. On their own server. Yes, that is right. If you choose to use the new mode, you upload the keys to your files, bound to your Secomba account, to their servers. You can, however, decline that and use it like in classic mode - BUT the new BoxCryptor seems to be incompatible with EncFS, and - even better: you cannot use the new BoxCryptor on more than 2 devices - you have to pay for more... Well, that was another feature that worked in the classic free version - but not anymore.

These are all reasons why I would recommend using BoxCryptor Classic for your cloud files' security - but discourage the use of the new BoxCryptor 2.0 - even without using the "Save-my-Keys-to-the-Cloud" function - because in my opinion, it is just a devolution of an excellent tool.

And one last word on the "Share Secure Online Function": If you really would like to share a file securely via the net: send a TrueCrypt drive or host your own local server. Seriously, if you are a CIO, could you advise your people to upload encrypted data - and the passwords - to a server or service not under your control? If you would answer this rhetorical question with "Yes" - then I beg your pardon - but I do not want to work with you and your corporation anymore.


As the link to the (still security patched and updated!) BoxCryptor Classic is a bit hidden under the new and shiny BoxCryptor 2.0 stuff... There you go: https://www.boxcryptor.com/de/boxcryptor-classic

11 thoughts on “[Security Spotlight] The worst idea in a brave new world: The all-new Boxcryptor 2.0”

  1. I couldn't agree with you more. I've tried the new Boxcryptor as a possible solution to the BC Classic problem (that I'll comment on below) and it has unacceptable deliberate restrictions: you cannot archive files with ".bc" extension (which Visual Studio 6.0 uses), and you cannot freely choose the names of your folders on your virtual drive root dir. So, I've discarded using it.

    However, with the Boxcryptor Classic (Boxcryptor_Classic_v1.6.405.102_Setup.msi), when I work on VS6.0 IDE on the BC Virtual Drive (which doesn't have the limitations of the new BC) and I save my edited files, very soon I get the rejection that "the file may be in use by another application", and it remains so until I relaunch Boxcryptor. Obviously, that's also unacceptable.

    The other alternative that I've found, Viivo, doesn't work on my Win XP. So, now I'm left without a solution to my so simple needs.

    Until now, I'm using Jetico BestCrypt or Truecrypt, but using containers that Dropbox can't read and upload until I dismount the virtual drive, which I don't do often (I usually standby, rather than power off).

    I'm wondering if any older BC classic version would allow VS6.0 to work gracefully on its virtual drive.

    Do you by chance know that? Or do you know any other encrypting app for WXP that encrypts files and offers a Virtual Drive?

  2. Hi Jose,

    well, I am still using Boxcryptor Classic and that's working out for me on Windows 7 and 8.1. Never had that error, maybe it could work on a newer Windows version?
    ( Yeah, I can't recommend using Windows XP as the Support is now gone, I'm sure you got your reasons, but you really should think about upgrading :/! ).
    Other than that, I would recommend the TrueCrypt 7.1 (not the latest version which does only support decryption - and yeah, you're right about the limitation - it's really bad...) and on Linux encFS which is compatible with Boxcryptor Classic.
    *maybe* there would be some kind of cygwin version of encFS for Windows that could be used in the same way as Boxcryptor Classic - on Windows?

    Last thing: I am currently withdrawing all my important files from Dropbox (even encrypted ones) and starting to sync them via my homeserver (by means of git for source code, as well as other tools like Owncloud and such) - reason: http://bits.blogs.nytimes.com/2014/04/18/protests-continue-against-dropbox-after-appointing-condoleezza-rice-to-board/

    Regards,

    Nico

  3. Sorry to correct myself:

    Looking for BC Classic 1.5, I've arrived at their changelog and old version repository, where I've found the Version 1.7.401.120 (06/10/2014), (from yesterday!), which seems to solve my VS6.0 problem.

    So, for the moment, I'm most glad with BC Classic 1.7.

    I'd thank you to remove my previous message and replace it with the following one:

    I couldn’t agree more with you. I’ve tried the new Boxcryptor and it has 3 unacceptable deliberate restrictions:

    1.- you cannot archive files with “.bc” extension (which Visual Studio 6.0 uses),

    2.- you cannot freely choose the names of your folders on your virtual drive root dir (it's read only)

    3.- you cannot remove the Dropbox folder to encrypt just part of your DB folder (for they don't allow you to add a subfolder of it either).

    They present them as "features", not "restrictions"!

    So, obviously, I’ve discarded using it.

    However, their new Boxcryptor Classic Version 1.7.401.120 (06/10/2014), which solves a previous problem of file saving (maybe of sharing access) doesn't have any of those restrictions and is very convenient.

  4. I'm afraid that my second message has crossed with your reply.

    Thanks for your quick reply !

    I tried EncFS for Windows before BC Classic, as an, in principle, simpler and more public solution than Boxcryptor, but I had the same (and even worse) sharing problem with it. I suppose it can be due to the Dokan Library, which they use for folder synchronization. Also it was quite slow.

    About privacy, I'm not so jealous of it and I even would be ready for my data (which is not so "secret") to be examined by judges or official investigators (not that I like it, but I can bear it), if that facilitates fighting against crime. I know there's much controversy about that but that's my view of a good balance between privacy and security.

    Cheers,

    Jose

  5. Hi, Nico:

    Thanks for your explanations.

    About Win XP, I have very powerful reasons for keeping it: I know it and I don't find I need anything else. I hate being forced by MS to learn a new OS (looking for where they have hidden this time the same features that I normally use) every 2 or 4 years. I already suffer it with my son's PCs' W7 and W8. I know MS have very different interests than me and want to keep their OS protagonism, when, for me, the OS should be a configurable platform which I tune and then forget as a black box (like the PC electronics) where I run the Applications, which are the important tools. And they should guarantee the backwards compatibility with the old Apps, which I don't want to be forced to update either if they are enough for me. I prefer to devote my scarce time to learning new apps than to finding the new menu location for the same option in old apps.

    Anyway, just to be somewhat more open, apart from being supported, which new W7 or W8 features over XP do you find worth incurring the learning pain?

    Cheers,
    Jose

  6. I loved the split pane view of W7 and later, the fact that you could easily arrange two windows next to each other. And of course with W8.1 the kernel rewrite. It feels a lot snappier on my old netbook, compared to W7, which I had to use because of the second graphics card. And - support, patches, security updates.

    Cheers,

    Nico

  7. Hi, I am new to all this but would like a secure way to store information/files in the cloud (I use OneDrive). I came up with a home made solution using 7-zip with AES 256 security. Say I want to store a file with my credit card pin codes or something like that:

    1. create SECFILE.txt on desktop
    2. open, write, save/close
    3. right click SECFILE.txt, add to archive...
    4. type password, click Ok (SECFILE.7z is created same place, 7-Zip closes)
    5. shift-delete SECFILE.txt

    1. open SECFILE.7z in 7-zip, enter password
    2. hit F4 to open SECFILE.txt in Notepad, read, close or...
    3. edit (as you start typing a temp copy will be created)
    4. save/close Notepad
    5. back in 7-Zip hit Ok in pop-up to update archive

    On Android ZArchiver works fine to open and read files. Temp files are being deleted automatically. Deleted files are sometimes possible to undelete. As long as the computer or smartphone in use is protected with a secure login password/pincode it should be ok though I guess.

    But Boxcryptor is much easier. Regarding the issue of storing keys on their servers, doesn't the "possibility to create a "Local Account", if you also want to keep your encrypted keys on your own device." option with version 2.0 solve your problem?

  8. @ Anders:
    I had a similar approach: I used an AES256-encrypted WinRAR5 archive with my files. Very nice, fast and easy. But this approach has one major flaw: It doesn't scale to other platforms. I wanted to view my passwords on iOS and used Documents by Readdle. But they only support weak Zip-encryption. I started using a Mac and WinRAR doesn't work on Mac. 7zip does. But their support with good encryption is very limited and buggy.

    Long story short: If you found a workflow that works for you, and you don't need to switch it, go for it. You can change it later on. But if you want to be prepared for future changes, Boxcryptor Classic is very convenient and works cross-platform.

  9. Now that Tresorit has a first client for Linux I switched to Tresorit. And it is very comfortable and does not store keys on the server.

  10. my beef with bc is that image uploads from android are never getting encrypted even tho I changed the settings - which IMO should have been by default.

    my second gripe is there is no way to contact the bastards, no contact us link whatsoever.

    in one of the forums - think they use desk.com - it even maxes out the no. of responses, and their own employees upvote each other's votes while downplaying genuine customer gripes.

    thanks for this post, makes a lot of sense to get out of bc2. jeez when companies get greedy all hell breaks loose and they make life terrible for us.
