This may be a good program, but personally I deem all encryption software useless as long as the government dictates such software have a backdoor for "security" reasons.

The publisher's homepage link is down.


I gave it an upvote on spec, simply because of the wide variety of encryption functions covered. It's true that a Russian encryption program is less likely to have (western government) back doors. The enemy of your enemy is your friend, or at least ally.

But give it a miss if the trial version can't decrypt previously encrypted files, and it's disappointing if it doesn't have a self-decrypting option for encrypted files.

As to free stuff, remember that the 7Zip compression program can both encrypt with AES AND it can have a self decryption option if you select it -- adds about 160kB to the file.

Do not install it on Windows Server!
I had a problem with server start after this program installation.
It was possible to uninstall it only after starting Windows in safe mode (with some efforts).

Just use Axcrypt,it is free (open source) and very easy to use.

I'm a law abiding person, but I'll admit I have a lot of fear about backdoors in any encryption software. I don't want bad guys getting access to my financial, personal data or account passwords. That's what I use encryption for. Some years ago everyone (including Giovanni and others here) said get TrueCrypt, so I got 6.2a and have used it exclusively. I never bothered to update it for fear of backdoors having been added. Not long ago someone posted TrueCrypt was gone and when I checked their site, sure enough it was true so I wasn't able to get a more recent version. Other sites have more recent versions of TrueCrypt (anyone know which was the best, most secure version?) but I don't trust any of these other sites to have pure versions without backdoors added. Some posts I read speculated that TrueCrypt ended because they didn't want to fight a battle they couldn't win against certain powerful people.

What's AxCrypt's status (I think it was for individual files rather than a whole virtual drive)?

So... is there any widely used currently available encryption software that doesn't have any backdoors and is considered secure, or is that a thing of the past and it's just a matter of which country you prefer to have a backdoor into your financial and personal data? If the latter is true, then is sticking with TrueCrypt 6.2a the best course of action?

#17. Interesting comments. Where did you hear about people getting hassled at the border if they posted negative comments about certain people?

Anything coming from google is unsafe now and it will be forever. They have background communications open when ever you access their servers for what ever reason, even for searching. And most of that info has a permanent file with your name (IP address) attached to it.

I do agree with Giovanni on this one as I too use open source solutions both paid for and at no cost. Since I will not download this product to test it (what I already use works fine) I am not going to rate it either way. That would be unfair to the maker of today's giveaway!
To those who are unclear what encryption is used for, it is more important than ever to use it. I have been in IT architecture and operations for more than 30 years. With more information being moved around the cloud (including social sites) the need is even greater for encryption services.

In response to XP-man's comment: "zip" files with a password are not the same as encrypted files. A group of files added to a compressed file usually cannot be edited unless you manually un-compress them first. Also, the passwords can be easily removed with the right tools. Encrypted files (and folders) can be freely edited since encryption/decryption happens on the fly. This includes database and even executable (sometimes) files too. It's a "set it and forget it" solution.
** It is important to note that you save copies of your encryption keys in case the used ones are accidentally deleted (for whatever reason such as a system crash). Without them you cannot get to your files!!

More people should invent their own encryption systems, to avoid "backdoors" - and to give snooping authorities overwhelming problems

Encryption is a situation where it can be a good idea to construct your own nencryption computer program - and preferably a on-standard one.

To be more safe, the encryption program should run on a computer that is never conneected to Internet, or you should "handcryp", without using a computer!

As with any security software, you want to check out the integrity of the company, usually through independent reviews.

It is silly to say "all American hardware and software" contain backdoors. The government doesn't control or have influence over every software & hardware developer in this country.

You should be careful of programs like LittleSpider if they haven't been checked out. In LittleSpider's case, it is written in Java so perhaps it can be examined for issues; or for the technically inclined, you could monitor the output of your system to see if it is contacting any external websites you don't expect.

#13 TPM is Trusted Platform Module, which is a cryptomodule built into many PCs today, and can be leveraged by certain software to provide encryption. Bitlocker, for example, uses it to encrypt the keys used for disk encryption.

#29, for a program to stop you from deleting an encrypted folder, it would have to insert itself into your operating system and be running all the time. This would make it more intrusive, take up memory, and unduly complicate the program. Rather, just keep good backups.

Idiotic and unthinkable to download and install ANY encryption software which might at any time become unuseable because repeat installs were never permitted or because a limited license period just ran out. It's marginally less idiotic and unthinkable to download and install encryption software from a supplier you've never heard of and cannot find a single credible supportive review. Thanks, GOTD, but absolutely no thanks. This is one giveaway which should actually be in a buy-only category so as to protect people from themselves.

I am amazed at how many "computer" literate people leave comments with you - everyday - but what amazes me even MORE - is that MOST of them have not found the "spell check" button. Nothing says more about a person's ability to communicate in ANY language - when they either can't or don't take the time to examine their narrative & how it is going to be seen (by say, someone who's 2nd language might be English - and then the errors keep multiplying exponentially). I understand "twitter-verse language" but these are not those. C'mon peeps, watch the board, & what you are pressing on it, eh? ;)

For all security software it's very simple to decide
1 If there is open source software it's first choise!
2 If there isn't you have to decide whether you trust an unknown company and further on
3 if you trust the company's residential government enough that it won't force the company to reveal your secrets one way or theother.

And I think it's very very naive to believe in times of cyber warfare that if activities of one "side" have been revealed that others sides activities have ceased or are harmless!

#27: "All american harware and software have backdoors that can be used by NSA, CIA and FBI."

Interesting, if naive statement...

EVERY government gathers intelligence. If they did not they would be incompetent, *If* they could even survive. The justification for having a government, from the earliest times, has always been give us power & authority & we'll protect you. It's been said by the earliest kings, & before that by tribal leaders. If you're going to protect someone, or yourself, you 1st have to know what threatens you. We haven't heard from a Russian or Chinese Snowdon, or German or Italian or French version either.

I'm not saying it's right -- I'm saying it's naive to think not every country does their best to do the same things.

As far as hardware goes, by far most electronics do not come from factories in the US, so it would require opening & modifying hardware afterwards -- while possible, it simply could not take place on the scale for it to be commonplace, for it to be more than a very targeted effort against a very limited number of people. As far as software goes the same problem of scale applies. If every software dev in the US had cooperated, knowingly or not, with the likes of the NSA, it's inconceivable the story would not have leaked a decade or more ago.

* * *

#29: " So I encrypted a folder, no problem. I was also very easily able to delete it. That’s not too safe I should need to be asked for the password to delete it as well."

Preventing a file/folder from being deleted can be dangerous territory. It's rarely used, & when it's done we usually find out about it because software malfunctioned & we can't get rid of that file/folder. Perhaps the best way to prevent something from being accidentally deleted is to set restricted permissions for that file/folder in Windows. It's not likely you'll be able to protect files or folders from deletion by bad guys -- they can for example format the drive if that's their goal -- but most wouldn't want to delete your stuff anyway because that would tip you off that they're there.

That said, while I'm not a huge fan of this personally, a lot of security [Anti-Virus etc.] software includes features to create so-called safes. Security software often sends roots pretty deep in Windows -- their files are actually the ones the bad guys try to get rid of. IMHO having one set of roots that deep is better than having two or more sets of roots that deep from additional software you've installed. The more there is to go wrong, the more there is that will go wrong.

@Steffo (#27) While many do, not all software has the backdoors you are worried about. Simply look to open source: because of efforts of the computing community, any backdoors tend to be rapidly found and barricaded.

What makes CyberSafe Top Secret Ultimate different from the usual encryption apps is, from their product page: "CyberSafe Top Secret supports encryption on the basis of Public Key Infrastructure". Research certificate based encryption & you'll find pros & cons depending on how you want to use encryption, e.g. if you export your e-mail account info in win7 so you can import it in win8 later on, you might be happy with a password protected 7z file, and be able to skip the download & installation, including the software's drivers [from alpha system programming doo nis]. If you can't figure out how to get the password for an encrypted file to someone else securely, 7-zip OTOH will do you little good, but CyberSafe Top Secret Ultimate could handle it.

Documentation is on the weak side -- their [downloadable PDF or on-line html] manual walks you through using CyberSafe Top Secret Ultimate with e-mail, but less, & sometimes nothing is said about other software features.

* * *

#6: "although i like the idea of encrypting a file , but i would grap this if it had a self decrypting feature as well."

When you encrypt something you need some sort of key, both to encrypt whatever & decrypt it afterward. That key is the most vulnerable, and important part. You might memorize it or store it someplace [hopefully] secure, but if you want to send something encrypted to someone else, how do you give them the key? You can hand it to them or tell them in person, but that doesn't work so well on-line -- you can hand them a folded slip of paper so that no one else can see what you've written, but something like an unencrypted e-mail could be intercepted. That's what certificate based encryption is designed to address.

CyberSafe Top Secret Ultimate is certificate based. You can send someone an encrypted message or file without giving them the password. For it to work that way they need to have CyberSafe Top Secret installed, & you have to have their Public key -- they decrypt it using CyberSafe Top Secret & their Private key.

If you want to send them a self-decrypting file, CyberSafe Top Secret Ultimate will let you create an encrypted, self-extracting .zip file, but you could do that outside of the software already with something like 7-zip.

* * *

#11: "The first question is whether the program is open source? We buy a pig in a poke? In the case of encryption tools is important if the program does not have a hidden trapdoor."

As reports in the media continue to show, having an open source encryption or security solution is no guarantee of anything. It should help prevent bugs, but as Heartbleed showed, that's not always the case. It should in theory prevent someone(s) adding a backdoor into the programming code so that they could always decrypt whatever's encrypted, but that's assuming that someone(s) went through that code, *and* was able to spot it. Truecrypt was considered secure, & then [according to the authors] it wasn't.

I've read quite often since the Snowdon leaks were published that open source is the way to go, because commercial companies could be pressured [maybe even forced] into doing just what agencies like the NSA want. To me that blanket recommendation makes little sense. If you're doing something as simple as vacuuming or sweeping the floor, you don't *1st* move the furniture to clean underneath it -- you target high traffic areas 1st. People by nature very logically go after the low hanging fruit, where less time & effort will get maximum results, & then we'll sometimes go after the rest.

Agencies like the NSA, & criminals, are going to 1st concentrate their efforts where they'll reap the greatest rewards, & that means going after whatever is most widely used, where they'll get the most data from the highest number of people.

Personally I'm a cynic. I don't believe that any government or company only employs saints, who BTW never, ever screw up. If any individual, group, company, government etc. has *valuable* secrets, there are other people, e.g. criminals &/or those employed by governments, who will try very hard to buy &/or steal those secrets. And when buying or stealing doesn't work, there's always coercion. They are very often successful, or otherwise intelligence gathering would be limited to simple physical observation. Maybe ironically, once they have whatever secrets, the hunter becomes the hunted. If anyone has a way into whatever software, I have no reason to believe that they are the only ones who have it.

I used to [perhaps lazily] buy into the notion that open source crypto software was best -- that was then. Besides trying to fly under everyone's radar, trying not to become low hanging fruit myself, I don't know an answer.

* * *

http://blogs.msdn.com/b/plankytronixx/archive/2010/10/23/crypto-primer-understanding-encryption-public-private-key-signatures-and-certificates.aspx
https://developer.mozilla.org/en-US/docs/Introduction_to_Public-Key_Cryptography#Internet_Security_Issues
http://blog.cryptographyengineering.com/2013/12/how-does-nsa-break-ssl.html
http://blog.cryptographyengineering.com/2013/09/on-nsa.html
.

I've read on the developer's website home page and here that CyberSafe is open source. I think this proves transparency of the software.

I had some trouble activating CyberSafe. The key is to close the program and restart it and then cut and p. So I encrypted a folder, no problem. I was also very easily able to delete it. That's not too safe I should need to be asked for the password to delete it as well.

* harware should be hardware (sorry !)

All american harware and software have backdoors that can be used by NSA, CIA and FBI.

#4 Majority of voters thumb down based only on price. It's been like that since the beginning.

#9 - Then why in the H did you vote it down. I'ts a problem with this outfit not being able to have more voting choices but, seeing you already know this and had even mentioned it...Why did you vote it down. You seem to be adding to the confusion.

I really like the free Kryptelite. If I was to pay I think Kryptel with its USB encryption is a better deal.

My suspicion about LittleSpider or other similar software.

During or after it scans a computer for unprotected sensitive data like passport numbers, student ID numbers, credit card number, mobile phone numbers etc - it may send them to an unknown server somewhere out there in the Internet, without your knowledge or approval.

Although it may be legitimate, some may not be.

This scenario is the classic case of a poison posing as a cure.

If you had not run it through your system, then the data miners would not have been able to mine all your bank account numbers, secret internet banking PIN codes, credit card numbers, etc...

But because you did, falsely thinking that you are discovering them so that you can encrypt them later, the data was sent to some unknown party somewhere else in the world - before you had a chance to encrypt them.

@ric (#21): "Always buy encryption software that you intend to use."

I'm sorry, but that is plain wrong!
The correct line was:
"Always buy encryption software that you intend to use. But only if it works w/o (online) activation".
What's the use of your buy if the activation server/helpdest/whatsoever is down?

Backup line was:
"Only use (buy) encryption software that /at/least/ decrypts in trial mode. And always keep a copy of the original installer in a safe place (and all updates).

I repeat my comment on this software recently on another giveaway site, as follows:

"Must be downloaded, installed, and registered before this offer has ended -- you cannot register later; if you want ability to install/reinstall/register at any time, get CyberSafe Top Secret Ultimate with free updates"

Rule #1 If you want to lock something important, make sure you can always re-install the encryption software; in case of system crash or virus attack or some unexplained bug making the software malfunction.

This is probably good software. If you like it, make sure you buy it.

Always buy encryption software that you intend to use.

Or use encryption freeware.

What happens if your HD dies or corrupts the app's filed? Buy a new computer? Normally, one reinstalls and moves on. In this case, you can't given the terms of GOTD.

So if you wish to move forward with this offer, remember you may be facing a $95 price tag just to get access to your files back. For that reason, I'm out.

A nice offer,
However I have found instead of encryption. That a person is much more secure by never putting anything personal , or sensitive on a computer to begin with...So this I will pass on... thank you GOTD, I am sure this will be handy for many people ..

@Doc (#13):
https://en.wikipedia.org/wiki/Trusted_Platform_Module

Be aware, that TPM (at least the actual implementation) is US based and by this prone to contain backdoors.

@G (#15): even my 1st post (#8) was rated bad (-9 at this time) I have the same point again:
With western paid or free software (especially from companies based in US, a bit less risky are the other 5-eyes members) you /have/to/ assume there is a back door in it.
Even if you assume the same /w russian software: Having the russian "NSA" have your data will affect your life /far/ less than having the real NSA have your data (except you're planning trips to Russia and China). Starting off /w what I wrote in #14, further it already happened that ppl got problems on US borders just bc they posted "bad" ideas about Mr. Obama and/or his administration.
Now guess what happens if your Google docs (or other things) appear "bad" to NSA. What if your picasa pics show you /w a guy the "automatic face recognition" thinks is a terrorist. etc. pp.

I trusted Russian software /way/ over American.

Installed and registered without incident. It took all of 5 minutes to complete the process. This does just what I was hoping it would do. Thank you GOTD!

"CyberSafe is one of the most powerful data encryption software available." - according to who? I have searched the website and cannot find any official accreditations?
What testing has this software been through, e.g. common criteria/evaluation assurance level.

Not for me thanks as I have no confidence in the product.

@Tranmontane:
It's not your wife that you need protection from. It's the complete loss of your privacy, no matter if abused for advertising, profiling (am. companies already "screen" ppl before hiring - and wait 10 yr and you'll see same as credit scores for insurances) or finding "terrorists" (have you heard that you can be listed on terror- and nofly-lists w/o any reason?).
For this the protection cannot be high enough as data is stored at NSA (they just build/t a new storage center in US) and has to withstand decryption in 5 or 10 yr from now.

@ Richard S. above

what is "TPM?"

#4. Bill B.

Maybe later today, others that know more about this software, will explain the majority of thumbs down that it’s receiving?

----------------------------------------------------------------------

Maybe because for this kind of software many people (included me) think that it's better rely on Open Source apps or FREEWARE alternatives, unless you are willing to buy the full license to retrieve your files and/or partitions, should this GAOTD key get lost due to a PC crash or virus attack.

As I said there are plenty of FREE alternatives that do the same without charging you a dime for that....

http://veracrypt.codeplex.com
https://diskcryptor.net/wiki/Main_Page

If instead what you need is to encrypt single files & folders only, rather than an entire HD, first of all download a FREE GEM called "LittleSpider".

In short it scans any documents in your PC containing unprotected sensitive data like passport numbers, student ID numbers, credit card number, mobile phone numbers etc...

http://code.google.com/p/coe485-101

Then, to protect them from snoopers, you can use one of these FREE encryption software:

http://elefantsoftware-en.weebly.com/encoding-decoding.html
http://stefanstools.sourceforge.net/CryptSync.html
http://hummerstudio.com/filewall
http://www.geneosoft.com/software/guardaxon
http://securefoldersfree.com
http://www.giantmatrix.com/products/aplus-folder-locker-free-edition/features

Just to mention a few ones....

Total cost = 0$/€ + no license hassles!

Be smarter! ^_^

The first question is whether the program is open source? We buy a pig in a poke? In the case of encryption tools is important if the program does not have a hidden trapdoor.

and it is installed only on drive C:\ by default. Another reason for Thumbs down!

Personally, I wouldn't have thought that the average person would need SUCH a high level of security. I mean, if you are just dropping a line to an old girlfriend of yours (or, if you are a woman, to your old boyfriend) which your partner has no reason to be jealous about, but sometimes is, then you don't need much to conceal it.

It is again a case of "This may be good, but (providing SUCH a high level of security) it's not something I need." So it gets voted down, even though (maybe) it is a good, useful, programme -- for those that need such things.

GOTD is doing itself, and the app developers, a disservice by not being ABLE to discriminate just WHAT is being voted down.

-- Tranmontane.

2 years ago we had to be warned: "Attention, Russian company, potentially unsafe"
Isn't it a pitty that nowadays Russian companies appear to be way more trustworthy than American ones.

Installed, but can't be activated. Even when filled with given activation key, a pop-up would appear to say that 'ACTIVATION_BAD_REPLY'. Having tried many times but all failed. That's a reason among others for Thumbs-down, #4.

i tried this from another giveaway, although i like the idea of encrypting a file , but i would grap this if it had a self decrypting feature as well. Which it does not, so i will not download this.
Thanks for the effort.

Dear GOTD users,

we are sorry for the problems with the developer's site.

It is fine now so please don't hesitate to register your program copy.


Have a nice giveaway!
GOTD project team

Finally, a software giveaway that seems half-way decent! But yet, others are giving it more thumbs down, then thumbs up? There must be something that I don't know about as to why folks are giving it a thumbs down? Maybe later today, others that know more about this software, will explain the majority of thumbs down that it's receiving?

Have installed on windows 8.1 but the registration key does not work, I get an error cannot connect to registration server or bad register

For those who require a high level security the PGP type programs are probably the answer; there are quite a number of freeware version, typically:-
http://www.gpg4win.org/
Personally I have no need of file encryption but if I did I would find a password protected compressed file adequate for my needs I am sure if it had a long enough password.