October 20, 2016 at 20:21 #4478
As a long-time user of AxCrypt 1.7 I decided to try out version 2.0 and I couldn’t be more dissatisfied.
I fully appreciate the concept behind version 2 but my primary use of the old version was to share files. I cannot reasonably expect the people with whom I share files to download AxCrypt in order to be able to decrypt the files.
I also dislike that you can’t have individual passwords. The development team suggest this is insecure but changing from a symmetric to asymmetric scheme brings with it confusion, extra steps for the user and inconvenience.
Most people who use AxCrypt will have full disk encryption and will therefore rely upon AxCrypt not to protect their own files (where multiple passwords may be an issue, especially if insecure) but to share files with others. I therefore reject the argument that removing the ability to have file-specific passwords makes it more secure because this simply isn’t the use case here.
If money is a concern to the people behind AxCrypt then I suggest that you re-build the capabilities of 1.7 into 2.0 and charge a registration fee (either one-off or recurring). I’d be happy to pay $20 per year. You could then offer a ‘Classic Interface’ option (with all of the original functionality) or maintain the two pieces of software independently of one another.
No matter what I shan’t be using version 2 as I dislike the concept. There are far better, peer-reviewed alternatives to your new concept (e.g. PGP).
Unless AxCrypt continue to support 1.7 I will regrettably discontinue using your software.
People wanting to replicate the functionality of version 1.7 would be well advised to use 7-Zip as it’s free, open-source, peer reviewed and offers AES-256. You can also create an encrypted self-extractable file. 7-Zip also has the added option of compressing the archive as well.
October 20, 2016 at 23:03 #4482
Thank you for your feedback! Sorry you’re disappointed of course. I’ll try to shed some light.
It seems you treat “self-decryptable files” as the alternative to “people with whom I share files to download AxCrypt“. There are just so many things wrong with the self-decryptable executable though. See http://www.axcrypt.net/blog/avoid-self-decrypting-files/ .
Instead of a limited problematic self-decrypting exe, we now have a fully featured standalone portable software (that you can send along to your recipients if they in fact can and want to accept executable files).
I do agree that full disk encryption is often a good complement for local file security. AxCrypt is at its best when sharing files outside of your computer. That’s why we introduced the simple file sharing feature. Sure, PGP does it too – but for IT experts. Normal people will struggle.
We may indeed later introduce some variant of AxCrypt 2 with a fixed license.
AxCrypt 2 is free (with premium features) open source, actively developed, peer reviewed with full specifications and code available here and here. PGP(i)’s current status as free, open source etc is very unclear, at least to me. The latest from Phil Zimmermann is “New developments: As of June 2010, PGP Corp was acquired by Symantec”. Well… The Wikipedia section sheds no further light: https://en.wikipedia.org/wiki/Pretty_Good_Privacy .
7-Zip *is* a pretty good alternative for simple password based encryption, but it’s slightly less convenient to use and much less so when sharing. But it’s open source, well respected and very stable. I like it!
AxCrypt compresses all data before encryption, by default, just like 7-Zip.
October 23, 2016 at 18:17 #4489
I appreciate the negatives of self-executable files but the reality is many companies do allow them. Once the file/s have been extracted the virus scanners check the contents aren’t malicious.
Okay, some email systems don’t allow .exe files but there’s nothing to stop you uploading it to a shared cloud service like Google Drive. Or you can change the extension and ask the recipient to change it once downloaded.
There are increasing numbers of fully encrypted cloud services now which make file-sharing even easier. For users of these they make the AxCrypt software redundant. People who want to share files on a non-encrypted cloud service have to either upload the file encrypted with another piece of software or upload it unencrypted.
It’s all well and good saying that people can download a standalone piece of software to decrypt files shared with them but that is another interruption to their workflow.
There’s no real difference between PGP and AxCrypt 2. The user interface is very friendly and there’s no real difference in underlying concept. On the plus side PGP does allow symmetric encryption and a number of different algorithms. PGP has been around for nearly 30 years and has been tried and tested.
Your comments about the ongoing development of PGP aren’t really applicable to the average (non-commercial) user because the excellent GNUPG is continually updated for Windows, Linux, Mac, Android, VMS and RISC OS. It was last updated in August 2016.
The original PGP is indeed owned by Symantec but the open-source variant (GNUPG) is the most commonly used and receives significant funding.
I really wish you’d take people’s comments on-board and re-introduce the removed features because there are a lot of people on this forum who seem prepared to pay (historically you were freeware) if you were to give them what they wanted.
October 23, 2016 at 20:50 #4490
Thanks for taking the time to discuss these issues.
We do take people’s comments and views very seriously, but we can’t make everyone happy, and especially not ‘now’ – we’re still short of resources. As mentioned, we’ve already done a lot of modifications based on user feedback.
As for the self-executable issue, as a result of this and other similar discussions we’re now considering a twist on that which goes like this:
Select any number of encrypted files, and then do “zip and include AxCrypt” (final name not decided;-).
What happens is we take the encrypted files, add the standalone AxCrypt, and zip them to a single archive that can then be stored or emailed or whatever.
Some mail servers will still block it, because there’s an executable inside the zip, but it’s just as convenient for the sender and the receiver and has the added bonus of handling multiple files.
It’s not implemented yet, and we may need to hash it out a bit more, but it’s one way forward to offer equivalent functionality within the current framework.
As for PGP being around 25+ years, that is true, but AxCrypt has been around for 15+ years as open source – that’s not too bad either! Also, that’s PGP. GnuPG is ‘only’ about 19 years old.
October 23, 2016 at 22:31 #4491
The ‘twist’ you describe “ZIP and include AxCrypt” sounds like a reasonable compromise although may I suggest the option be called something like “ZIP and include AxCrypt portable decryption software” as it’s a little more explanatory. You may wish to consider automatically adding a README file to the archive with step-by-step instructions for novice users.
Ideally I’d like to be offered the option of making a self-extractable archive. If necessary you could recommend that users consider not selecting the option by warning them of the issues but at least it would be there for those who need/like it.
The other issue I really don’t like with the software, including your portable version, is that upon initial launch it says:
“The first time you start AxCrypt a real email address is required. Click help for more information”
You are interrupting a recipient’s workflow and you’re also demanding they provide information to a company (AxCrypt) they don’t know. They may not trust AxCrypt or they may be in an offline scenario or their corporate firewalls might block emails from the AxCrypt domain. Insisting they provide that information as a pre-requisite to decrypting their file/s is really bad.
One final comment – I notice on your webpage you give the following instructions:
“Verify that the download is undamaged and authentic by checking the digital signature. Right-click the downloaded file in Windows Explorer, and select ‘Properties’ and the ‘Digital Signatures’ tab. Then select the digital signature and click ‘Details’. Ensure that the digital signature is shown as ‘OK’ and that the signer is ‘AxCrypt AB’.”
It’d be really good if you could include the AxCrypt AB certificate thumbprint and issuer (Comodo) on your website so that advanced users can verify the certificate for higher assurance. Could you confirm if this is the correct thumbprint?
6c 81 9d 4a 25 9f 21 fa 61 ca 35 50 a3 4d dd 79 16 72 4d db
For bonus points it’d be perfect if you included the MD5, SHA1, SHA256, SHA512 sums of the software on your website. Some people use these to confirm the software hasn’t been tampered with and many antivirus software packages also check the hash sum against their internal databases. Sometimes, when it’s not recognised (perhaps because it hasn’t been added yet), the antivirus returns a warning; especially in default deny configurations. If a user was able to check the hash sum against the official AxCrypt website it’d give them a little more confidence.
One final comment – I notice AxCrypt don’t have an SSL certificate on the main website (I know the ‘Sign In’ page does). For a security-related website this is essential in my opinion. Also, Google and other search engines downgrade your ranking if you don’t have one. You can get them for very little money and Let’s Encrypt even do them for free. Remember even on this discussion forum you’re asking people to submit their email address (albeit optionally) over an insecure page!
Thank you for taking the time to respond to my other posts.
October 23, 2016 at 22:58 #4492
This scenario has occurred to me:
- Alice encrypts a file with AxCrypt, secured with an account key
- Alice emails the file to Bob
- Mallory has an ongoing MitM attack against Bob’s email (or some other attack)
- Mallory receives the encrypted file
- Mallory receives an AxCrypt invite
- Mallory signs up for AxCrypt and prevents the invitation being sent to Bob
- Or, Mallory forwards on either or both emails to Bob to avoid raising suspicion
- Bob receives the encrypted file
- Bob receives an AxCrypt invite
- Bob tries to sign up but can’t (Mallory has already signed up before him)
- Alice and Bob blame AxCrypt
Apart from sharing a non-sensitive file first, or sending really sensitive encrypted files over a different medium, how does AxCrypt mitigate this type of attack?
October 24, 2016 at 18:46 #4499
- Where is the private key stored?
- Is the key on AxCrypt’s servers and, if so, who has access to it? (I realise that it’s protected with the user password)
- What is there to stop a hacker from changing the key on your servers and encrypting a user’s data with their key so that they can decrypt the file/s?
- Can a user export his key?
Yes, the initial situation during the time frame between an ‘invite’ and ‘sign up’ for Bob allows for the scenario you describe.
However, I believe the outcome (apart from the fact that Mallory actually gets to open the file) is that Bob will call Alice and ask what’s going on? Bob can’t sign in to the account – and the end result is that Bob will become aware that his email is compromised.
If the attack is initiated *after* Bob has actually signed up for AxCrypt, there is no vulnerability to this attack at all.
The private key is initially stored on our server when an invite happens, encrypted with our key. As soon as Bob (or Mallory for that matter) sets a password, the private key is re-encrypted with that password.
This is the ‘convenience’ track. Should Alice *really* want to be assured that this does not happen, she should contact Bob and ask him to sign up before the file key is shared.
It’s a situation where we feel that the practicality of *not* requiring Alice to contact and wait for Bob to set everything up is so great that it is worth the attack window.
What’s stopping an attacker from changing the key on our servers is our servers of course. Except for the ‘invite’ window scenario, an intruder with access to the server can’t access or decrypt any private keys any more than we can ourselves.
The private keys are also synchronized to your local device, and can even be generated there if you are running offline when you register. And, yes, you can export the key pair (both private and public as one file). It’s under the following menu:
File | Key Management | Export AxCrypt ID Secret and Sharing Key Pair
October 24, 2016 at 20:09 #4500
Hello again, this is in reply to your earlier entry.
Many questions, but I’ll try to keep it short:
“The first time you start AxCrypt a real email address is required. Click help for more information” – If you’re off line when starting the first time, the only requirement is an email address that looks real, i.e. has the correct form. There’s no requirement to be online at any time to use AxCrypt.
“Verify that the download is undamaged and authentic by checking the digital signature” – No, we don’t need to publish any hashes, or verify the fingerprint of the certificate. That’s not relevant for Authenticode signatures, which use the PKI built into your PC. That’s the way these certificates and signatures work. These are not PGP signatures with a weak “web of trust”. We’ve paid real money for the certificate authority to comply with manufacturer guidelines, and to verify that we are who we say we are and that your system has a trusted root certificate so you can trust ours.
“AxCrypt don’t have an SSL certificate on the main website” – You’re right for just the reasons you specify, and we will fix that. It’s on our to-do list, almost but not quite at the top!
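The download checks debated in this thread (Authenticode status, signer name, certificate thumbprint, file hash) can be scripted; the following PowerShell is an added example, not code from AxCrypt or from any poster. The file name is hypothetical, and the thumbprint is the one quoted in the earlier post, which the thread never confirms.

```powershell
# Added example, not from the thread. $Path is a hypothetical download location.
# $ExpectedThumbprint is the value quoted in the earlier post; the thread never
# confirms it, and any certificate renewal since then changes the thumbprint.
param(
    [string]$Path = "$env:USERPROFILE\Downloads\AxCrypt-Setup.exe",
    [string]$ExpectedSigner = 'AxCrypt AB',
    [string]$ExpectedThumbprint = '6c 81 9d 4a 25 9f 21 fa 61 ca 35 50 a3 4d dd 79 16 72 4d db',
    [string]$ExpectedSha256 = ''   # fill in only if the publisher lists one
)

$problems = @()
$sig = Get-AuthenticodeSignature -FilePath $Path

# 1. 'Valid' means the file hash matches the signature and the signer's
#    certificate chains to a root this machine trusts (the built-in PKI).
if ($sig.Status -ne 'Valid') {
    $problems += "Signature status: $($sig.Status) ($($sig.StatusMessage))"
}

$cert = $sig.SignerCertificate
if ($null -eq $cert) {
    $problems += 'No signer certificate: the file is unsigned'
} else {
    # 2. Signer name, the same field Explorer shows on the Digital Signatures tab.
    $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    $signer = $cert.GetNameInfo($nameType, $false)
    if ($signer -ne $ExpectedSigner) { $problems += "Unexpected signer: $signer" }

    # 3. Optional pin: catches a validly issued certificate for a look-alike name.
    $pin = ($ExpectedThumbprint -replace '\s', '').ToUpperInvariant()
    if ($cert.Thumbprint -ne $pin) { $problems += "Thumbprint differs: $($cert.Thumbprint)" }

    Write-Output "Issuer:  $($cert.Issuer)"
    Write-Output "Expires: $($cert.NotAfter)"
}

# 4. A hash comparison only helps when the reference value arrives over a
#    channel the download itself did not use.
$sha256 = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
Write-Output "SHA256:  $sha256"
if ($ExpectedSha256 -and ($sha256 -ne $ExpectedSha256.ToUpperInvariant())) {
    $problems += 'SHA-256 does not match the expected value'
}

if ($problems.Count -eq 0) { Write-Output 'OK: all checks passed' }
else { $problems | ForEach-Object { Write-Warning $_ }; exit 1 }
```

A thumbprint mismatch on an otherwise valid signature is expected after a certificate renewal, so treat it as a prompt to re-check the signer and issuer rather than as proof of tampering.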