The Sanctuary
Technology => Network (in)Security => Topic started by: SBTlauien on October 28, 2014, 11:26:21 am
-
What are some encryption programs that have no backdoor?
-
None, all have zero day exploits
There's too much gubmint money/threats to be had for any company to make one without them
-
I posted a script on Zoklet once which had been encrypted with a high level of code encryption, and two months later a member posted the contents while declaring he had cracked it. &Totse and Zoklet were full of cyber feds, so beware.
-
encfs (recently audited), dm-crypt (probably), ecryptfs (probably), diskcryptor (probably).
Don't trust anything proprietary, for obvious reasons.
-
I've read that AxCrypt has no backdoor. BS?
-
Could use WinZip or WinRar and put a long-ass random password on it.
-
A good rule of thumb is that if it's been around for a while, if it's relatively popular, and the code is open source, it's pretty damn tricky to put a back door in there.
When the NSA corrupted the RSA encryption, it wasn't a flaw in the encryption algorithm at all, it was in the random number generator. To the best of my knowledge, the RSA algorithm is still cryptographically sound, though clearly RSA, the company, can't be trusted at all.
-
Use open-source programs where the code was audited, and compile the program from the source.
-
It's probably not a great idea but you could write your own OTP program. It's easy enough that you could do it with minimal programming experience assuming you had secure PRNG (Java's standard SecureRandom should be good enough). Of course your keys end up being as big as your files, but at least you can actually be 100% sure it's secure.