Jump to content

Program to lock files on your flash drive.

Shayne

By Shayne
in Software Hangout

 Share

Recommended Posts


jaclaz

jaclaz

Posted
Posted

I have a suggestion :), but you won't like it :(.

You simply cannot use "portable" and ".Net Framework" in the same page :w00t:, particularly when together with "4 or higher" :ph34r:.

Apart from the above, which is of course due to my allergy to .Net (let alone 4.0 or higher), I am sure that a few words explaining what the software does and what advantage/differences it features when compared to other similar solutions would be greatly useful.

jaclaz

Link to comment
Share on other sites
Shayne

Shayne

Posted
  • Author
Posted (edited)

I have a suggestion :), but you won't like it :(.

You simply cannot use "portable" and ".Net Framework" in the same page :w00t:, particularly when together with "4 or higher" :ph34r:.

Apart from the above, which is of course due to my allergy to .Net (let alone 4.0 or higher), I am sure that a few words explaining what the software does and what advantage/differences it features when compared to other similar solutions would be greatly useful.

jaclaz

Well... That's very true :P However, don't all Windows 7/8 computers come with the .net framework 4 pre installed?

Edit: Actually I'm wrong. Windows 7 Comes with 3.5. I guess the first thing I'll do is change the required .net framework to version 3.0

NET Framework 3.0: Windows Vista, Windows Server 2008

.NET Framework 3.5 SP1: Windows 7, Windows Server 2008 R2

.NET Framework 4.0: Windows 8

.NET Framework 4.5: Windows 8

Edited by Shayne
Link to comment
Share on other sites
JorgeA

JorgeA

Posted
Posted

Good luck with the project, the goal sounds interesting but I'm sure I'm not the only one who could use a meatier description, for example:

  1. I see on your website that the file protection involves the use of a password. Is this a type of encryption, then?
  2. I also see that the program "allows you to hide your files from prying eyes." So, does it prevent the filenames from showing in Explorer? I can't tell how the program is intended to work (what it does).
  3. I understand about denying NTFS file permissions, but what is "cclid"? I didn't find anything that looked promising on the Web, although admittedly my search was brief.

Thanks!

--JorgeA

Link to comment
Share on other sites
Shayne

Shayne

Posted
  • Author
Posted

Good luck with the project, the goal sounds interesting but I'm sure I'm not the only one who could use a meatier description, for example:

  1. I see on your website that the file protection involves the use of a password. Is this a type of encryption, then?
  2. I also see that the program "allows you to hide your files from prying eyes." So, does it prevent the filenames from showing in Explorer? I can't tell how the program is intended to work (what it does).
  3. I understand about denying NTFS file permissions, but what is "cclid"? I didn't find anything that looked promising on the Web, although admittedly my search was brief.

Thanks!

--JorgeA

Alright, let me give you a better description.

How it works is it has a folder called "vault." Everything in this folder is locked and inaccessible. In order to unlock the folder, you must start the program, and enter the username and password. Then when you close the program, it locks the "vault" folder along with all its contents.

CLSID (not sure why I wrote cclid) is used to change the behaviour of a folder. By adding a CLSID too a folder, you can change what happens when you click on the folder. For example, if you rename a folder and add ".{20D04FE0-3AEA-1069-A2D8-08002B30309D} " to the end of the folder name. The folder will now open "My Computer" instead of the folder contents. There is also a CLSID for a folder lock, which is what Granite Portable uses too lock the Vault.It combines that with the NTFS File permisions. First it uses the CLSID Folder Lock to lock the Vault, then it denies everyone access to the folder. By doing both these things, it makes the Vault semi secure and will prevent the average joe from accessing it.

Link to comment
Share on other sites
JorgeA

JorgeA

Posted
Posted

Good luck with the project, the goal sounds interesting but I'm sure I'm not the only one who could use a meatier description, for example:

  1. I see on your website that the file protection involves the use of a password. Is this a type of encryption, then?
  2. I also see that the program "allows you to hide your files from prying eyes." So, does it prevent the filenames from showing in Explorer? I can't tell how the program is intended to work (what it does).
  3. I understand about denying NTFS file permissions, but what is "cclid"? I didn't find anything that looked promising on the Web, although admittedly my search was brief.

Thanks!

--JorgeA

Alright, let me give you a better description.

How it works is it has a folder called "vault." Everything in this folder is locked and inaccessible. In order to unlock the folder, you must start the program, and enter the username and password. Then when you close the program, it locks the "vault" folder along with all its contents.

CLSID (not sure why I wrote cclid) is used to change the behaviour of a folder. By adding a CLSID too a folder, you can change what happens when you click on the folder. For example, if you rename a folder and add ".{20D04FE0-3AEA-1069-A2D8-08002B30309D} " to the end of the folder name. The folder will now open "My Computer" instead of the folder contents. There is also a CLSID for a folder lock, which is what Granite Portable uses too lock the Vault.It combines that with the NTFS File permisions. First it uses the CLSID Folder Lock to lock the Vault, then it denies everyone access to the folder. By doing both these things, it makes the Vault semi secure and will prevent the average joe from accessing it.

That's pretty cool -- thank you!

--JorgeA

Link to comment
Share on other sites
Shayne

Shayne

Posted
  • Author
Posted

There is also a CLSID for a folder lock,

Interesting idea, which class ID is the folder lock.

The class ID is {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}

Good, now it is much clearer, thanks :).

I would throw on the table - in passing by - the additional use of an invalid folder name :w00t:, which may add some "protection" :unsure:.

http://www.msfn.org/board/topic/131103-win-ntbt-can-be-omitted/

http://www.msfn.org/board/topic/131103-win-ntbt-can-be-omitted/?p=842843

jaclaz

Thanks. I'll add that to my list of ideas :P

Link to comment
Share on other sites
MrJinje

MrJinje

Posted
Posted (edited)

So, basically, the essence of the program can be reproduced in two lines in batch:

http://abhisheksur.wordpress.com/2007/05/17/protecting-a-folder-in-windows-xp/

jaclaz

I believe he said that it also removes permissions so that you cannot simply right click and rename the folder.

So you'd probably have to take ownership, icacls, then rename the folder to get inside. Seems childproof at the very least.

Edited by MrJinje
Link to comment
Share on other sites
jaclaz

jaclaz

Posted
Posted (edited)

I believe he said that it also removes permissions so that you cannot simply right click and rename the folder.

So you'd probably have to take ownership, icacls, then rename the folder to get inside. Seems childproof at the very least.

Sure :), check "essence" ;):

http://dictionary.reference.com/browse/essence

The comment was following of initial suggestion, only aimed to highlight how the *need* for .Net and/or .Net 4 was highly debatable.

To continue on the same path - with - let this be clear - no offence whatever intended to the actual Author of the nice Granite tool :thumbup:, this would more or less add a line to the batch using SECEDIT (or as you pointed out, some sequence of SETACL or similar tools):

http://www.robvanderwoude.com/secedit.php

There is nothing "bad" of course in using any language or environment but simple things should IMHO made as simply as possible (but not more), particularly if there is a scope into making the thingy "portable".

jaclaz

Edited by jaclaz
Link to comment
Share on other sites
Shayne

Shayne

Posted
  • Author
Posted (edited)

I believe he said that it also removes permissions so that you cannot simply right click and rename the folder.

So you'd probably have to take ownership, icacls, then rename the folder to get inside. Seems childproof at the very least.

Sure :), check "essence" ;):

http://dictionary.reference.com/browse/essence

The comment was following of initial suggestion, only aimed to highlight how the *need* for .Net and/or .Net 4 was highly debatable.

To continue on the same path - with - let this be clear - no offence whatever intended to the actual Author of the nice Granite tool :thumbup:, this would more or less add a line to the batch using SECEDIT (or as you pointed out, some sequence of SETACL or similar tools):

http://www.robvanderwoude.com/secedit.php

There is nothing "bad" of course in using any language or environment but simple things should IMHO made as simply as possible (but not more), particularly if there is a scope into making the thingy "portable".

jaclaz

I agree that things should be made simple. However, I plan on adding more features, possibly a portable start menu, so that's why I am using C# and not a batch file. As MrJine said, it is "childproof". The idea is too prevent the average person from accessing the files, and that's what it does :)

Here is a good question. What if I insert the flash drive into an machine that does not understands what the hell an encyption is, on the folder itself?

This doesn't use encryption to protect the folder. It uses NTFS File permissions and CLSID.

If you were too plug this into a linux computer, I am not sure what would happen. Obviously the program would not run. But I'm not sure if linux would recognize the NTFS permissions or not.

Edit: Thank you for all the comments and suggestions :D

Edited by Shayne
Link to comment
Share on other sites
JorgeA

JorgeA

Posted
Posted (edited)

You're welcome, and thank YOU for doing this. It's an interesting idea and I'll keep watching it!

I, too, was curious what would happen if you plugged a flash drive, protected this way, into a Linux machine.

Maybe one could encrypt the file and then apply your program to the resulting file, as another layer of protection.

--JorgeA

Edited by JorgeA
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...