Forums Community Upgraded but no longer able to create self-decrypting ".exe" files?

This topic contains 3 replies, has 2 voices, and was last updated by  Svante 1 year, 4 months ago.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #6367 Reply

    Flashfox

    I am a premium subscriber and I had been using version 1.x for quite a while. I recently moved to 2.x but I am a bit frustrated as I am no longer able to create self-decrypting “.exe” files. I was able to move those to any computer and decrypt them by running the file and entering the password.

    • Correct me if I am wrong but has this capability been removed from 2.x?
    • If so, I will remove 2.x and re-install 1.x. I will first unencrypt the few files that I ciphered using 2.x

    Now perhaps I am missing something but my goal is to be able to encrypt a file, to move it to another computer and then decrypt it on that target computer without needing AxCrypt on that computer. Can this be done with 2.x?

    #6371 Reply

    Svante
    Keymaster

    Hello Flashfox,

    You are right. Self-decrypting .EXE is not supported in version 2. In it’s stead, we have a fully featured standalone portable application. The only difference from before is that we don’t “physically” append the data to the executable, so it’s two files.

    You always need AxCrypt on the target computer. The “self-decrypting .exe” of AxCrypt 1.x is just AxCrypt with the encrypted file appended. It’s literally exactly the same as the following MS-DOS command line command:

    copy /b AxDecrypt.exe+SecretFile-txt.axx SecretFile-txt.exe

    So, yes, you have AxCrypt on the target computer. Now, with AxCrypt 2, we just don’t do the above so instead you send / store AxCrypt-2.1.1494.0.exe (or whatever version is current) and SecretFile-txt.axx as two separate files.

    See https://www.axcrypt.net/blog/avoid-self-decrypting-files/ for details about why we have done this change.

    #6376 Reply

    Terry

    Flashfox, as a user like yourself I found the problem with the old .EXE files is that newer computers: Windows 8 and onwards refuse to start the file because it was considered “untrusted”. My Internet Security program deletes them because they’re not digitally signed and I don’t have a digital signature. It doesn’t delete .AXX files which are the normal encrypted files.

    My Windows 10 computer is very strict and SmartScreen won’t even allow me to manually allow my old .EXE files to run because the files are “untrusted” even though I created them myself. It does trust AxCrypt (because they digitally sign their software) so I have to install the AxCrypt software in order to decrypt my files.

    #6381 Reply

    Svante
    Keymaster

    Hello Terry,

    Thank you for that additional information. It’s also just yet another indication why self-decrypting .exe is a bad idea.

    What happens is that the AxDecrypt.exe (which is the decryption software that makes up the code of the self-decrypting file) *is* actually digitally signed by us, but since it has to carry a data payload as well (the actual encrypted file) the operating system may treat that as an incorrectly signed file. We cannot sign the full file with the data payload because there’s no way we can delegate that operation, and we would not want to even if we could since we’d not want to sign something we did not have control over. That’s the point of digitally signing it, we take responsibility for the contents.

Viewing 4 posts - 1 through 4 (of 4 total)
Reply To: Upgraded but no longer able to create self-decrypting ".exe" files?
Your information: