I’m pretty sure everyone has to send files to someone else online at some point, I’ve found myself having to do it quite often. And there’s always a quandary when it comes to sending something that is somewhat confidential. How do you secure it in transit?
We generally have a few options –
1) Passworded MS document (Excel/Word etc)
2) Passworded .zip file
3) Encrypt the file using something stronger (GPG/PGP or some kind of encrypted container)
As for 1) and 2) they aren’t really secure at all, and as for 3) whoever is receiving the file needs to have the same software installed and your key to decrypt it – which in the majority of cases isn’t going to work.
Then you need to find somewhere to upload it (Dropbox/FTP/Yousendit etc)
Pretty much everyone you know would look at you blankly if you asked them to install GnuPG.
So now a new tool is coming out called Just Crypt It which should solve all of our problems, if you are interested in finding out more you can check out the webinar here on Sept 7th at 1PM EST / 7PM CET (Saturday).
Sign-up For The Just Crypt It Webinar
See you there :)
alibert says
PGP offers encrypting a file to .exe. And I have seen people use axcrypt, but I don’t how secure it is.
Darknet says
Thanks, AxCrypt looks pretty cool – gonna check that out.
Bogwitch says
Apart from the fact that your ‘article’ looks suspiciously like an advertisement…
Without having any details of the service that is being provided, it is difficult to make a judgement however, I’m going to. The fact that justcryptit.com is void of any relevant information suggests a closed solution – not the ideal basis for Crypto.
If there is no requirement to install software onto a device, the encryption must be carried out at the service provider. Therefore, the service provider has full access to the unencrypted data. The only possible alternative is that encryption will take place in the browser using Javascript or similar. This is not an ideal solution!
http://www.matasano.com/articles/javascript-cryptography/
As always, encryption implementation is incredibly difficult.
One further point: I understand that the latest version of MS Office encryption is pretty robust but I’ve not looked heavily into it. The same goes for the latest zip encryption and I know that 7-zip provides 256bit AES (and this is portable across platforms) The strength of these is directly proportionate to the strength of the key selected (to a limit)
Darknet says
As for the first line, it kind of is yah – but if I didn’t think it was cool I wouldn’t write about it.
As for the URL, it’s not the right URL – so yah, so info there.
It’s not a closed solution, and yah as for the 3rd para, you are getting there. I agree it’s not an ideal solution, but it is a lot better than nothing.
And yah 7zip is pretty robust (as are the very newest versions of MS products) – but how many people are using those?
I just hope this service opens up an easy, hassle free, (fairly) secure file transport crypto for the layman.