Forums Community AxCrypt 2.0 and 1.7 Reply To: AxCrypt 2.0 and 1.7

#3413 Reply


I too am disappointed with the change from 1.7 to 2 because of:

  • the requirement to (initially) connect to the internet
  • removal of secure erasure (paid customers only)
  • one password for everything (less secure)
  • no ability to create self-extracting files
  • inconvenience for non-AxCrypt users

I think v2 is <span style=”text-decoration: underline;”>more</span> complicated for non-technical users who have to set-up the key sharing (GPG does a better job and is tried and tested). It also forces people down the route of paying a fee for what may be a one-off share. Maybe consider having a pay-as-you-use option; e.g. share an encrypted file for €0.50.

I’m also concerned that there’s no ability to set different passwords for different files. By all means encrypt files using the same password by default but offer the capability for an alternative password if the user desires. If somebody wanted to share an time embargoed document this feature would be critical. A press release accessible only at midnight once the person has received the correct password by automated text is one example.

Personally I would like to see v1.7 continue in development or the, now removed, functionality reinstated in v2.

If necessary you could even charge users for continued development or implement the ‘old’ features into the new software and perhaps charge a one-off fee whilst keeping a v2 functionality for SAAS licensing. For example €24/yr for v2 & v1 functionality and €12 (forever) for only v1 functionality but also provide the ability to decrypt v2 files which have been shared by a paying v2 customer.

I’ve read the comments about a lot of mail servers blocking executable files and this is very true. Some software automatically changes the extension from .exe to something random (e.g. .axe) to bypass this restriction and then they insert a line of text into the email instructing the user to change the suffix to .exe.

However the largest use-case scenario I can think of where self-extracting files were the perfect solution was when sharing files over a non-encrypted cloud service. For example an AxCrypt user uploads his file to his Google Drive (as an .exe) and then emails his friend a sharing link. The friend clicks the Google Drive link, the .exe downloads and the recipient enter his password. He doesn’t need any special software; just the password. The friend may not have install rights but might be able to open the .exe.

There’s other great and easy to use software out there including VeraCrypt, (7-Zip, PeaZip, SecureZIP, WinZip), GPG, encrypted PDF or Microsoft Office documents etc. As more and more zero-knowledge encrypted services come online like Tresorit, SpiderOak and (soon to be) iCloud the era of sending conventionally encrypted documents will come to an end.

Giving the user the ability to easily decrypt a document without having to install special software <span style=”text-decoration: underline;”>is key.</span>