Did A Google Earth Mistake Cause A Couple's Brutal Murder?
Tumblr 101: Tips And Tricks To Get Started
BCArchive creates mega-secure encrypted archives
Archives are very easy to snoop into. Heck, Gmail looks into every ZIP archive you get, and won't let it through if it contains any executables. That's fine, and I can see the point of it.
While you can get around GMail's rudimentary checking by simply opting for a different compression format (7z, anyone?), sometimes you want a bit of extra privacy for whatever is inside your archive.
For those cases, BCArchive is just what you need. While it is a proprietary piece of software, it's freeware and it lets you use any of a vast number of established, high-security encryption algorithms. The end product is an encrypted file, either using a password or using a private/public key pair.
The resulting file can also be made executable, which means that while you would have a problem emailing it to someone else, it would be easy for you to decrypt it in the future without needing a copy of BCArchive.
Interestingly enough, I could not find PGP on the list of algorithms the program supports. Perhaps it's there, just under a different name. If there are any crypto-nerds in the audience, please enlighten me – why isn't it there, or what is it called these days if not just PGP?
BCArchive boasts very powerful encryption, but I could not find much information about its compression algorithms. It seems like compression is more of an after-thought on this one, or a way to bundle all of the files into one chunk which could be easily encrypted. Still, when you go for a solution like this, I can see why you would care more about the encryption than the compression.
Comments
7
Subscribe to commentsbox750May 31st 2010 12:32PM
PGP is there, they call it Serpent now. Excellent article by the way.
stinlen56May 31st 2010 4:29PM
ummm, no. The reason PGP isn't on the list is because it is not now, nor has it ever been an algorithm. It is a program, or if you like, a method, but not an algorithm.
Serpent is an algorithm, this is true, but it is not related to PGP.
PGP debuted in the early 90's and Serpent debuted in the late 90's. They are not related other than the former can use the latter if it chooses.
DrDrraeMay 31st 2010 1:58PM
7-Zip supports AES-256 bit encryption which would be more than enough for most people.
ippapyttu_454May 31st 2010 2:59PM
100% agree. Just use an AES-256 .7z with a highly random and lengthy passphrase like:
c5o^z%zNbrRYX*Mn$MF9v
and you will be fine.
stinlen56May 31st 2010 4:35PM
Good enough for most? You make it sound like it wouldn't be good for some people. AES-256 is good enough for US Top Secret data. Who is it not good for?
Don't get me wrong, I agree with you that 7zip is just as good an answer and probably better since it is open source (you should never use encryption software that is not opensource for fear of backdoors). I just think you're implicitly selling AES short.
DrDrraeMay 31st 2010 5:10PM
It was mostly sarcasm but there are published attacks against AES-128, 192, and 256. This, by no means, makes it easy.
stinlen56May 31st 2010 5:31PM
The only published attacks I've seen are still infeasible. I guess I didn't get the supposed sarcasm because the cryptographic strength of AES on 7-zip could be stronger, they could use keys instead of a password, but this essentially moot.