This topic contains 3 replies, has 1 voice, and was last updated by Geoff 1 year, 10 months ago.
February 11, 2017 at 09:48 #5462
I’m sharing this information because I think it might be of interest to AxCrypt users. I just tested a handful of e-mail services to see which do, and do not, allow .exe files as attachments.
Yahoo, AOL and Mail.com all allow sending and receiving of .exe files. I find this somewhat surprising, honestly.
Microsoft’s mail service doesn’t block receipt of such e-mail’s, but disallows downloading the .exe files. (If the .exe is zipped, you can download it with no problem.) Oddly enough, the service allows sending .exe’s to others. So you can send ’em but not download ’em!
Gmail disallows both the sending and receiving of .exe attachments — and it doesn’t help if your attachment is zipped, because Gmail scans archive files for prohibited file types. I think this approach is probably the way of the future. So I reluctantly agree that sending self-decrypting .exe files is problematical, at best.
This is for information only, no reply is necessary.February 11, 2017 at 10:45 #5463
You put the EXE in a folder on your desktop, ZIP the folder and password protect the ZIP.
That’s effectively a double-zipped archive which prevents Gmail from scanning the contents.
Most people share EXE file by creating a sharing link in their favourite cloud storage.February 11, 2017 at 11:32 #5464
Hey, Geoff. You make some good points.
Speaking only for myself, if I send a protected ZIP file, the need for a self-decrypting EXE is obviated. I would just put the sensitive data in the ZIP and be done with it. But if I must send an EXE, I agree that a cloud sharing link is the way to go.February 11, 2017 at 14:02 #5465
I agree about the need being obviated but with one caveat: only if you’re using modern AES ZIP encryption. The old ZipCrypto which is the default (and only) option available in Windows ‘Compressed Folders’ uses ZipCrypto. You therefore need 7-Zip or WinZip or SecureZIP in order to harness modern AES.
Thus if you only have a ZIP application which only employs ZipCrypto then you might want to send an AxCrypt self-decrypting EXE because AxCrypt utilises proper encryption.
However many ZIP applications also support making a self-decrypting EXE and they allow you to use AES encryption too.
The main problem with sharing EXE files is Windows SmartScreen. If you download a non-signed EXE the recipient will get a warning suggesting the file is potentially unsafe.
I use an encrypted cloud where I can share a secure link. I can optionally require the recipient type in a pre-agreed password. Once the file has been downloaded it will automatically expire (unless I set it otherwise) and/or it will expire after a pre-defined date.
Modern PDFs (v1.6 and above) along with Microsoft Office 2013 both include strong encryption which are sufficient for most people. You can also put attachments within an encrypted PDF – something not many people realise.