Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Encrypting some Files on hard drive


  • Please log in to reply
7 replies to this topic

#1 cooljay

cooljay

  • Members
  • 183 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:28 PM

Posted 30 September 2016 - 12:47 PM

Ever since the scare I had in the beginning of the week and the lingering fear of my computer being easily compromised I decided to encrypt certain files on my hard drive. (Nothing to do with the NSA, lol, but everything to do with common low life hackers.)

 

Several names keep being floated, one of the TrueCrypt. I read somewhere that TrueCrypt is not in operation anymore? I also hear 7-zip being mentioned but when I looked it up it said it compresses files, no mention of encrypting them.

 

I run, by the way, Windows 7 Home edition, x64. From what I understand, the Windows encryption feature won't work, I would need the business edition of W7.

 

Basically, I just want the folder that contains logins etc to be encrypted, and maybe some other sensitive documents. I also want them to remain encrypted  during upload to some backup program.

 

Speaking of which, I just looked at the best backup programs of 2016 in PC mag, and encryption isn't mentioned at all. SpiderOak used to be encrypted a few years back, I don't know about now, but I am surprised that PC mag doesn't use security as a criteria for choosing your backup program.



BC AdBot (Login to Remove)

 


#2 MDD1963

MDD1963

  • Members
  • 688 posts
  • OFFLINE
  •  
  • Local time:09:28 AM

Posted 30 September 2016 - 08:50 PM

7Zip indeed also gives the option of encrypting files while compressing them into an archive...easy to use, and quite popular....

 

 

 

TrueCrypt is no longer supported (but still works fine, IMO), but VeraCrypt is a quite similar fork and widely available.

 

Glary Utilities also has an easy to use 'encryption/decryption' of files option...


Asus Z270A Prime/7700K/32 GB DDR4-3200/GTX1060


#3 RolandJS

RolandJS

  • Members
  • 4,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:07:28 PM

Posted 30 September 2016 - 09:33 PM

From reading about the experiences of a few others across The 'Net, if you go this encryption route, and you do not accurately keep usernames, passwords, Unlock keys, etc. in a locked-in-drawer notebook and you lose or fail to remember the encryption password, you could very well lose your folders and files forever.  Be careful.


Edited by RolandJS, 30 September 2016 - 09:40 PM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)

"I heard Spock finally got colander!"  "I believe the word is Kolinahr."  "Oh."


#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,641 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:28 AM

Posted 01 October 2016 - 05:31 AM

 

I run, by the way, Windows 7 Home edition, x64. From what I understand, the Windows encryption feature won't work, I would need the business edition of W7.

 

You are probably referring to BitLocker. Indeed that is not available on your edition of Windows 7. But it would not match your requirements. BitLocker encrypts the whole drive.

What is available to you is Windows' Encrypting File System (EFS). https://en.wikipedia.org/wiki/Encrypting_File_System

It can encrypt individual files and folders.

But I don't think it's what you want. I would need to know more what kinds of attack you want to protect your files against.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 cooljay

cooljay
  • Topic Starter

  • Members
  • 183 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:28 PM

Posted 01 October 2016 - 05:31 PM

Thanks for all your responses.

 

Roland, you are absolutely right. Thanks for the warning. I could easily be in the category of people who lose their own login.

 

Didier, I don't know what kind of attack. But the other day, through a scammer who gained access to my computer (I won't revisit that right now), my files were right there for him to take or copy. If it had been encrypted, they had been safe.

 

Ok, I know, I shouldn't have been giving access, however, sometimes we need to. Whatever the reason HOW someone could be in the position to view those files, they should be able to, and that's it.



#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,641 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:28 AM

Posted 02 October 2016 - 03:18 AM

But the other day, through a scammer who gained access to my computer (I won't revisit that right now), my files were right there for him to take or copy. If it had been encrypted, they had been safe.
 

 

If the scammer was using your account, then EFS will not protect your files from the scammer.


Edited by Didier Stevens, 02 October 2016 - 03:19 AM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 cooljay

cooljay
  • Topic Starter

  • Members
  • 183 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:28 PM

Posted 02 October 2016 - 12:02 PM

Hmm. I don't know what that means. I gave one of those fake techs access to my computer for a time. And I think he may have copied some files. Maybe. So you are saying if those files had been encrypted with EFS it would not have protected them?

#8 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,641 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:28 AM

Posted 02 October 2016 - 02:43 PM

Correct. Simply put: EFS encrypts files, but they are "unlocked" when you login to your computer. And they are "locked" again when you logout.

You don't need to provide a password to access EFS encrypted files, that password is used transparently when you log in.

 

Since you let someone run a program on your computer with your account, they would have been able to read EFS encrypted files.

 

EFS protects your files in the following scenarios:

1) the computer is shutdown (or you are not logged in)

2) several users are logged in on the same computer (thus different accounts)


Edited by Didier Stevens, 02 October 2016 - 03:32 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users