Summary: Windows GUI recommendation for USB disk

Henry Hertz Hobbit hhhobbit at securemecca.net
Thu Nov 2 23:58:25 CET 2006 

Robert Eden <rmeden at yahoo.com> wrote:

> Thanks to everyone for their suggestions.
> 
> I was looking for a simple exe-only tool I could put on a USB
> disk to make it very easy for Windows users to encrypt files
> with a symmetric key.
> 
> Quite a few folks suggested GPGshell.  It was a good choice, but
> had one problem... when it encrypts files it follows the GPG
> pattern of putting the new file in the same location of the old.
> If I used that, I'd be afraid users would copy the files to the
> USB drive and encrypt it there.  Even if they deleted the file,
> it would have to be followed by an erase tool, which needs to be
> installed.... too much trouble.  It also did more than symmetric
> keys, which may confuse my users..
> 
> I also learned that 7-zip now supports hard encryption.  A
> *great* idea.  We already use 7-zip internally, and that was
> actually my problem with it.  If folk were already used to using
> 7-zip, I bet they wouldn't bother to check the "encrypt" button.
> 
> So, I ended up writing my own tool in with wxGlade and WxPerl.
> I didn't know such a GUI tool existed for Perl!  I've been
> programing perl for years... I did one TK project, and really
> didn't want to go down that path... wxGlade and wxPerl made it
> pretty painless, once I learned the tools.  I'm sure I'll make
> use of it again.
> 
> My tool prompts the user for a pass-phrase (twice), places some
> simple restrictions on the pass-phrase (10 characters, 3 words),
> and opens up a dialog box.  The user then drags directories /
> files using explorer to the dialog box, which lists the files
> and starts gpg to encrypt them. (runs two encryption threads at
> once).  Files are stored in the same directory as the executable.
> 
> If someone wants a copy let me know and  I'll look into releasing
> it.

I will take more than the copy.  Do you have any more pointers
on wxGlade and wxPerl?  I have some projects that aren't even
affiliated with encryption that would be very useful to have.
Send any pointers on wxPerl to me off-group.  If you want to
support it over 2-3 years (or longer), by all means release it!
7-zip, like most zip programs encryption doesn't even come close
to the level of protection that you are getting with GnuPG.  Even
if you are using the lowest level cipher GnuPG provides, it is a
quantum leap over the zip programs enciphering.  Quoting from
the man page for zip (roughly comparable to 7-zip and probably
uses the exact same code for enciphering):

  (And  where  security  is  truly  important,  use strong
  encryption such as Pretty Good Privacy  instead  of  the
  relatively  weak encryption provided by standard zipfile
  utilities.)

I think this would be a VERY useful tool to have.  Your
first alteration may be the choice of cipher to use and
perhaps a settable default cipher. Most people don't set
their default cipher in gpg.conf.

HHH

More information about the Gnupg-users mailing list