Categories
Security

fSekrit Encrypting Security for Windows

Easily read and edit encrypted notes in their own portable executables
fSekrit is a small application for keeping encrypted notes. The real advantage of fSekrit is that notes are truly self-contained; the editor program and your note are merged together into a tiny self-contained program file, removing the need to install a special application to view your data. This makes fSekrit ideal for keeping encrypted notes on, for example, USB flash drives.

Another advantage of using fSekrit is that your un-encrypted data is never stored on your harddisk. With a traditional encryption utility you would have to decrypt the file to disk, view or edit it and then re-encrypt it and unless you use secure file wiping programs, it would be a trivial matter for someone to retrieve your un-encrypted data, even thou This can’t be done with fSekrit, though, since it never stores your un-encrypted data on disk.

fSekrit uses very strong encryption (256-bit AES/Rijndael in CBC mode) to ensure that your data is never at risk. Self contained fSekrit notefiles are tiny! Only 40k plus the size of your text.

Your unencrypted data is never stored to disk by fSekrit. It is, however, stored in memory (otherwise you wouldn’t be able to view or edit it .

This means that windows, in case of low memory, might choose to swap it out to disk, in which case a malicious hacker with access to your computer could snoop it from your paging file. So, avoid running fSekrit in low-memory situations (i.e. don’t keep it open while playing 3D games or using photoshop).

The 256-bit AES encryption key is constructed directly as an SHA-256 hash of your passphrase.

When you use file->save, some tricks have to used, since windows will not let an application write to it’s own .exe file (or in fact any .exe file that is currently running). Thus, fSekrit makes a copy of itself with the newly saved data, launches this temp file that copies itself to the main file, and launch the main file again to delete the temp file. This is why the main window goes in and out of existance briefly when you save.

To avoid re-entering your passphrase every time you save, fSekrit passes your encryption key on the commandline. But note that your passphrase is never passed on the commandline, so simple snooping cannot reveal it.

A skilled malicious person *could* theoretically snoop the key and use it to decrypt your data though, so be cautious when running fSekrit on systems you don’t trust. However if you are using a computer you don’t trust then there are more serious risks to worry about, such as the possibility that there are keyloggers running, which would record your passphrase without the complexity that key snooping would require.

The fSekrit executable is compressed using Jeremy Collake’s PECompact2, which chopped merrily away at the original ~76k filesize before compression.

To identify whether a correct passphrase has been entered, a SHA-256 hash of the original plaintext is stored in the file header. This is not a security risk as your data cannot be reconstructed from the hash.
What’s New in This Release: [ read full changelog ]

路 added: read-only notes, finally 馃檪
路 bugfix: changing key on unsaved document would crash
路 bugfix: saving an empty document would crash
路 bugfix: running fSekrit.exe (w/o embedded note) from a CD was unable to
路 Save As because read-only file attribute wasn’t cleared on destination

See Demo – Download – Visit Author Site

Please comments and give ratings. You may also report of broken or incorrect link using comments box below. Thanks!