Programs for encrypting files and folders. Comparison of desktop encryption programs. One-click encryption

31.03.2022

Most recently we have been conducting encryption applications. The time has come for a similar review, but of desktop programs.

Selecting programs to compare

In order for all three programs to be in the same weight category, it was decided to compare only proprietary software, that is, software with closed source code. Folder Lock and PGP Desktop will be compared with CyberSafe Top Secret. I think many people are familiar with the latest program. But Folder Lock was also not chosen by chance - it received a gold award in a comparison of ten encryption programs.

Folder Lock Overview

The main features of the Folder Lock program are as follows:

AES encryption, key length 256 bits.
Hiding files and folders.
Encrypt files (by creating virtual disks - safes) on the fly.
Online backup.
Creation of protected USB/CD/DVD disks.
Encryption of email attachments.
Creation of encrypted “wallets” storing information about credit cards, accounts, etc.

It would seem that the program has quite enough capabilities, especially for personal use. Now let's look at the program in action. When you first launch the program, you are asked to set a master password, which is used to authenticate the user in the program (Fig. 1). Imagine this situation: you hid files, and someone else launched a program, saw which files were hidden and gained access to them. Agree, not very good. But if the program asks for a password, then this “someone” will not succeed - at least until he guesses or finds out your password.

Rice. 1. Setting a master password at first start

First of all, let's look at how the program hides files. Go to section Lock Files, then either drag files (Fig. 2) and folders into the main area of the program or use the button Add. As shown in Fig. 3, the program allows you to hide files, folders and drives.

Rice. 2. Drag a file, select it and click the button Lock

Rice. 3. Button Add

Let's see what happens when we press the button Lock. I tried to hide the C:\Users\Denis\Desktop\cs.zip file. The file has disappeared from Explorer, Total Commander and other file managers, even if displaying hidden files is enabled. The file hiding button is called Lock, and the section Lock Files. However, these UI elements would need to be named Hide and Hide Files, respectively. Because in fact, the program does not block access to the file, but simply “hides” it. Look at fig. 4. Knowing the exact name of the file, I copied it to the cs2.zip file. The file copied smoothly, there were no access errors, the file was not encrypted - it was unpacked as usual.

Rice. 4. Copy a hidden file

The hiding function itself is stupid and useless. However, if you use it in conjunction with the file encryption function - to hide the safes created by the program - then the effectiveness of its use will increase.
In chapter Encrypt Files you can create safes (Lockers). A safe is an encrypted container that, once mounted, can be used like a regular disk - the encryption is not simple, but transparent. The same technique is used by many other encryption programs, including TrueCrypt, CyberSafe Top Secret, and others.

Rice. 5. Encrypt Files section

Click the button Create Locker, in the window that appears, enter a name and select the location of the safe (Fig. 6). Next, you need to enter a password to access the safe (Fig. 7). The next step is to select the file system and safe size (Fig. 8). The safe size is dynamic, but you can set its maximum limit. This allows you to save disk space if you do not use the safe to capacity. If desired, you can create a fixed-size safe, as will be shown in the Performance section of this article.

Rice. 6. Name and location of the safe

Rice. 7. Password to access the safe

Rice. 8. File system and safe size

After this, you will see a UAC window (if it is enabled), in which you will need to click Yes, then a window with information about the created safe will be displayed. In it you need to click the Finish button, after which the Explorer window will open, displaying the mounted container (media), see Fig. 9.

Rice. 9. Virtual disk created by the program

Return to section Encrypt Files and select the created safe (Fig. 10). Button Open Locker allows you to open a closed safe, Close Locker- close open button Edit Options calls up a menu containing commands for deleting/copying/renaming/changing the safe password. Button Backup Online allows you to back up your safe, and not just anywhere, but to the cloud (Fig. 11). But first you have to create an account Secure Backup Account, after which you'll get up to 2TB of storage space and your safes will automatically sync with online storage, which is especially useful if you need to work with the same safe on different computers.

Rice. 10. Operations on the safe

Rice. 11. Create a Secure Backup Account

Nothing happens for nothing. Pricing for storing your safes can be found at secure.newsoftwares.net/signup?id=en. For 2 TB you will have to pay $400 per month. 500 GB will cost $100 per month. To be honest, it's very expensive. For $50-60 you can rent an entire VPS with 500 GB “on board”, which you can use as storage for your safes and even create your own website on it.
Please note: the program can create encrypted partitions, but unlike PGP Desktop, it cannot encrypt entire disks. In chapter Protect USB/CD you can protect your USB/CD/DVD drives, as well as email attachments (Fig. 12). However, this protection is carried out not by encrypting the media itself, but by recording a self-decrypting safe on the corresponding media. In other words, a stripped-down portable version of the program will be recorded on the selected media, allowing you to “open” the safe. This program also does not have any support for email clients. You can encrypt the attachment and attach it (already encrypted) to the email. But the attachment is encrypted with a regular password, not PKI. I think there is no point in talking about reliability.

Rice. 12. Protect USB/CD section

Chapter Make Wallets allows you to create wallets containing information about your credit cards, bank accounts, etc. (Fig. 13). All information, of course, is stored in encrypted form. With all responsibility I can say that this section is useless, since there is no function for exporting information from the wallet. Imagine that you have many bank accounts and you have entered information about each of them into the program - account number, bank name, account owner, SWIFT code, etc. You then need to provide your account information to a third party to transfer the money to you. You will have to manually copy each field and paste it into the document or email. Having an export function would make this task much easier. As for me, it is much easier to store all this information in one common document, which needs to be placed on a virtual disk created by the program - a safe.

Rice. 13. Wallets

Benefits of Folder Lock:

Attractive and clear interface that will appeal to novice users who speak English.
Transparent on-the-fly encryption, creating virtual encrypted disks that can be worked with like regular disks.
Possibility of online backup and synchronization of encrypted containers (safes).
Ability to create self-decrypting containers on USB/CD/DVD drives.

Disadvantages of the program:

There is no support for the Russian language, which will complicate the work with the program for users who are not familiar with the English language.
Questionable functions Lock Files (which simply hides, rather than “locks” files) and Make Wallets (ineffective without exporting information). To be honest, I thought that the Lock Files function would provide transparent encryption of a folder/file on a disk, like the CyberSafe Top Secret program or the file system does.
Inability to sign files or verify digital signatures.
When opening a safe, it does not allow you to select a drive letter that will be assigned to the virtual disk that corresponds to the safe. In the program settings, you can only select the order in which the program will assign the drive letter - ascending (from A to Z) or descending (from Z to A).
There is no integration with email clients, there is only the ability to encrypt the attachment.
High cost of cloud backup.

PGP Desktop

Symantec's PGP Desktop is a suite of encryption software that provides flexible, multi-level encryption. The program differs from CyberSafe TopSecret and Folder Lock in its close integration into the system shell. The program is built into the shell (Explorer), and its functions are accessed through the Explorer context menu (Fig. 14). As you can see, the context menu has functions for encryption, file signing, etc. Quite interesting is the function of creating a self-decrypting archive - on the principle of a self-extracting archive, only instead of unpacking the archive is also decrypted. However, the Folder Lock and CyberSafe programs also have a similar function.

Rice. 14. PGP Desktop context menu

You can also access the program's functions through the system tray (Fig. 15). Team Open PGP Desktop opens the main program window (Fig. 16).

Rice. 15. Program in the system tray

Rice. 16. PGP Desktop window

Program sections:

PGP Keys- key management (both your own and imported from keyserver.pgp.com).
PGP Messaging- management of messaging services. When installed, the program automatically detects your accounts and automatically encrypts AOL Instant Messenger communications.
PGP Zip- management of encrypted archives. The program supports transparent and opaque encryption. This section implements opaque encryption. You can create an encrypted Zip archive (PGP Zip) or a self-decrypting archive (Figure 17).
PGP Disk is an implementation of the transparent encryption function. The program can either encrypt an entire hard disk partition (or even the entire disk) or create a new virtual disk (container). There is also a function called Shred Free Space, which allows you to wipe free space on the disk.
PGP Viewer- here you can decrypt PGP messages and attachments.
PGP NetShare- a means of “sharing” folders, while the “shares” are encrypted using PGP, and you have the ability to add/remove users (users are identified based on certificates) who have access to the “share”.

Rice. 17. Self-decrypting archive

Regarding virtual disks, I especially liked the ability to create a dynamically sized virtual disk (Figure 18), as well as select an algorithm other than AES. The program allows you to select the drive letter to which the virtual disk will be mounted, and also allows you to automatically mount the disk when the system starts and unmount it when idle (by default, after 15 minutes of inactivity).

Rice. 18. Create a virtual disk

The program tries to encrypt everything and everyone. It monitors POP/SMTP connections and offers to secure them (Figure 19). The same goes for instant messaging clients (Figure 20). It is also possible to protect IMAP connections, but it must be enabled separately in the program settings.

Rice. 19. SSL/TLS connection detected

Rice. 20. PGP IM in action

It's a pity that PGP Desktop does not support popular modern programs like Skype and Viber. Who uses AOL IM now? I think there are few of these.
Also, when using PGP Desktop, it is difficult to configure mail encryption, which only works in interception mode. What if the encrypted mail was already received, and PGP Desktop was launched after receiving the encrypted message. How to decrypt it? You can, of course, but you will have to do it manually. In addition, already decrypted messages are no longer protected in the client. And if you configure the client for certificates, as is done in the CyberSafe Top Secret program, then the letters will always be encrypted.
The interception mode doesn’t work very well either, since a message about mail protection appears every time on every new mail server, and gmail has a lot of them. You will get tired of the mail protection window very quickly.
The program is also not stable (Fig. 21).

Rice. 21. PGP Desktop froze...

Also, after installing it, the system worked slower (subjectively)…

Benefits of PGP Desktop:

A full-fledged program used for file encryption, signing files and verifying electronic signatures, transparent encryption (virtual disks and whole partition encryption), email encryption.
Keyserver support keyserver.pgp.com.
Ability to encrypt the system hard drive.
PGP NetShare feature.
Possibility of overwriting free space.
Tight integration with Explorer.

Disadvantages of the program:

Lack of support for the Russian language, which will complicate the work with the program for users who do not know English.
Unstable operation of the program.
Poor program performance.
There is support for AOL IM, but no support for Skype and Viber.
Already decrypted messages remain unprotected on the client.
Mail protection only works in interception mode, which you will quickly get tired of, since the mail protection window will appear every time for each new server.

CyberSafe Top Secret

As in, there will not be a detailed description of the CyberSafe Top Secret program, since a lot has already been written about it on our blog (Fig. 22).

Rice. 22. CyberSafe Top Secret program

However, we will still pay attention to some points - the most important ones. The program contains tools for managing keys and certificates, and the presence of CyberSafe's own key server allows the user to publish his public key on it, as well as obtain the public keys of other company employees (Fig. 23).

Rice. 23. Key management

The program can be used to encrypt individual files, as was shown in the article. As for encryption algorithms, the CyberSafe Top Secret program supports GOST algorithms and the certified crypto provider CryptoPro, which allows it to be used in government agencies and banks.
The program can also be used to transparently encrypt a folder (Fig. 24), which allows it to be used as a replacement for EFS. And, given that the CyberSafe program turned out to be more reliable and faster (in some scenarios) than EFS, then it is not only possible, but also necessary.

Rice. 24. Transparent encryption of the folder C:\CS-Crypted

The functionality of the CyberSafe Top Secret program is reminiscent of the functionality of the PGP Desktop program - if you noticed, the program can also be used to encrypt email messages, as well as to electronically sign files and verify this signature (section Email digital signature, see fig. 25).

Rice. 25. Section Email digital signature

Like the PGP Desktop program, CyberSafe Top Secret can create virtual encrypted disks and fully encrypt. It should be noted that the CyberSafe Top Secret program can only create virtual disks of a fixed size, unlike the Folder Lock and PGP Desktop programs. However, this drawback is counteracted by the ability to transparently encrypt the folder, and the folder size is limited only by the amount of free space on your hard drive.
Unlike the PGP Desktop program, the CyberSafe Top Secret program cannot encrypt the system hard drive; it is limited only to encrypting external and internal non-system drives.
But CyberSafe Top Secret has the option of cloud backup, and, unlike Folder Lock, this option is absolutely free; more precisely, the cloud backup function can be configured for any service - both paid and free. You can read more about this feature in the article.
It is also worth noting two important features of the program: two-factor authentication and a system of trusted applications. In the program settings, you can either set password authentication or two-factor authentication (Fig. 26).

Rice. 26. Program settings

On the tab Allowed. applications You can define trusted applications that are allowed to work with encrypted files. By default, all applications are trusted. But for greater security, you can set applications that are allowed to work with encrypted files (Fig. 27).

Rice. 27. Trusted applications

Benefits of the CyberSafe Top Secret program:

Support for GOST encryption algorithms and certified crypto provider CryptoPro, which allows the program to be used not only by individuals and commercial organizations, but also by government agencies.
Supports transparent folder encryption, which allows you to use the program as a replacement for EFS. Considering that the program provides, such a replacement is more than justified.
The ability to sign files with an electronic digital signature and the ability to verify the file signature.
Built-in key server that allows you to publish keys and access other keys that have been published by other company employees.
The ability to create a virtual encrypted disk and the ability to encrypt the entire partition.
Possibility of creating self-decrypting archives.
The possibility of free cloud backup, which works with any service - both paid and free.
Two-factor user authentication.
A trusted application system that allows only certain applications to access encrypted files.
The CyberSafe application supports the AES-NI instruction set, which has a positive effect on program performance (this fact will be demonstrated later).
The CyberSafe program driver allows you to work over a network, which makes it possible to organize.
Russian-language program interface. For English-speaking users, it is possible to switch to English.

Now about the shortcomings of the program. The program does not have any particular shortcomings, but since the task was set to honestly compare the programs, shortcomings will still have to be found. To be really picky, sometimes (very, very rarely) non-localized messages like “Password is weak” “slip through” into the program. Also, the program does not yet know how to encrypt the system disk, but such encryption is not always necessary and not for everyone. But all these are small things compared to the freezing of PGP Desktop and its cost (but you don’t know about that yet).

Performance

When working with PGP Desktop, I got the impression (immediately after installing the program) that the computer began to work slower. If it weren’t for this “sixth sense,” this section would not have been in this article. It was decided to measure performance using CrystalDiskMark. All tests are carried out on a real machine - no virtual machines. The laptop configuration is as follows - Intel 1000M (1.8 GHz)/4 GB RAM/WD WD5000LPVT (500 GB, SATA-300, 5400 RPM, 8 MB buffer/Windows 7 64-bit). The car is not very powerful, but it is what it is.
The test will be performed as follows. We launch one of the programs and create a virtual container. The container parameters are as follows:

The virtual disk size is 2048 MB.
File system - NTFS
Drive letter Z:

After this, the program closes (of course, the virtual disk is unmounted) - so that nothing interferes with the test of the next program. The next program is launched, a similar container is created in it, and the test is performed again. To make it easier for you to read the test results, we need to talk about what the CrystalDiskMark results mean:

Seq - sequential write/sequential read test (block size = 1024KB);
512K - random write/random read test (block size = 512KB);
4K is the same as 512K, but the block size is 4 KB;
4K QD32 - random write/read test (block size = 4KB, Queue Depth = 32) for NCQ&AHCI.

During the test, all programs except CrystalDiskMark were closed. I chose a test size of 1000 MB and set it to 2 passes so as not to force my hard drive once again (as a result of this experiment, its temperature already increased from 37 to 40 degrees).

Let's start with a regular hard drive so that we have something to compare with. The performance of drive C: (which is the only partition on my computer) will be considered reference. So, I got the following results (Fig. 28).

Rice. 28. Hard drive performance

Now let's start testing the first program. Let it be Folder Lock. In Fig. Figure 29 shows the parameters of the created container. Please note: I am using a fixed size. The results of the program are shown in Fig. 30. As you can see, there is a significant reduction in performance compared to the benchmark. But this is a normal phenomenon - after all, the data is encrypted and decrypted on the fly. Productivity should be lower, the question is how much.

Rice. 29. Folder Lock container parameters

Rice. 30. Folder Lock results

The next program is PGP Desktop. In Fig. 31 - parameters of the created container, and in Fig. 32 - results. My feelings were confirmed - the program really works slower, which was confirmed by the test. But when this program was running, not only the virtual disk, but even the entire system “slowed down,” which was not observed when working with other programs.

Rice. 31. PGP Desktop container parameters

Rice. 32. Results of the PGP Desktop program

All that remains is to test the CyberSafe Top Secret program. As usual, first - the container parameters (Fig. 33), and then the program results (Fig. 34).

Rice. 33. CyberSafe Top Secret container parameters

Rice. 34. Results of the CyberSafe Top Secret program

I think comments will be unnecessary. According to productivity, the places were distributed as follows:

CyberSafe Top Secret
Folder Lock
PGP Desktop

Price and conclusions

Since we tested proprietary software, there is another important factor to consider - price. The Folder Lock application will cost $39.95 for one installation and $259.70 for 10 installations. On the one hand, the price is not very high, but the functionality of the program, frankly speaking, is small. As noted, the file and wallet hiding features are of little use. The Secure Backup feature requires an additional fee, therefore, paying almost $40 (if you put yourself in the shoes of an ordinary user, not a company) just for the ability to encrypt files and create self-decrypting safes is expensive.
The PGP Desktop program will cost $97. And note - this is only the starting price. The full version with a set of all modules will cost approximately $180-250 and this is only a 12-month license. In other words, every year you will have to pay $250 to use the program. In my opinion, this is overkill.
The CyberSafe Top Secret program is the golden mean, both in functionality and price. For an ordinary user, the program will cost only $50 (special anti-crisis price for Russia; for other countries the full version will cost $90). Please note, this is how much the most complete version of the Ultimate program costs.
Table 1 contains a comparison table of the features of all three products, which can help you choose your product.

Table 1. Programs and functions

Function	Folder Lock	PGP Desktop	CyberSafe Top Secret
Virtual encrypted disks	Yes	Yes	Yes
Encrypt the entire partition	No	Yes	Yes
Encrypting the system disk	No	Yes	No
Convenient integration with email clients	No	No	Yes
Encryption of email messages	Yes (limited)	Yes	Yes
File encryption	No	Yes	Yes
Digital signature, signing	No	Yes	Yes
EDS, verification	No	Yes	Yes
Transparent folder encryption	No	No	Yes
Self-decrypting archives	Yes	Yes	Yes
Cloud backup	Yes (paid)	No	Yes (free)
Trusted application system	No	No	Yes
Support from a certified crypto provider	No	No	Yes
Token support	No	No (no longer supported)	Yes (when installing CryptoPro)
Own key server	No	Yes	Yes
Two-factor authentication	No	No	Yes
Hiding individual files	Yes	No	No
Hiding hard drive partitions	Yes	No	Yes
Wallets for storing payment information	Yes	No	No
GOST encryption support	No	No	Yes
Russian interface	No	No	Yes
Sequential read/write (DiskMark), MB/s	47/42	35/27	62/58
Price	40$	180-250$	50$

Taking into account all the factors outlined in this article (functionality, performance and price), the winner of this comparison is the CyberSafe Top Secret program. If you have any questions, we will be happy to answer them in the comments.

Our media stores huge quantities of personal and important information, documents and media files. They need to be protected. Cryptographic methods such as AES And Twofish, which are standardly offered in encryption programs, are approximately one generation old and provide a relatively high level of security.

In practice, the average user will not be able to make much of a mistake in his choice. Instead, you should decide on a specialized program depending on your intent: hard drive encryption often uses a different operating mode than file encryption.

For a long time, the best choice was the utility TrueCrypt, if we were talking about full encryption of the hard drive or saving data in an encrypted container. This project is now closed. Its worthy successor was an open source program VeraCrypt. It was based on the TrueCrypt code, but it was modified, resulting in improved encryption quality.

For example, in VeraCrypt improved key generation from password. A less common mode used to encrypt hard drives is CBC, A XTS. In this mode, blocks are encrypted by type ECB, however, this adds the sector number and intrasegmental displacement.

Random numbers and strong passwords

To protect individual files, a free program with a simple interface is enough, for example, MAXA Crypt Portable or AxCrypt. We recommend AxCrypt because it is an open source project. However, when installing it, you should pay attention to the fact that the package with the application includes unnecessary add-ons, so you need to uncheck them.

The utility is launched by right-clicking on a file or folder and entering a password (for example, when opening an encrypted file). This program uses the AES algorithm 128 bit with CBC mode. To generate a robust initialization vector (IV), Ax-Crypt integrates a pseudo-random number generator.

If IV is not a true random number, then CBC mode weakens it. The MAXA Crypt Portable program works in a similar way, but encryption occurs using a key 256 bits long. If you upload personal information to cloud storage services, you must assume that cloud storage providers, such as Google and Dropbox, are scanning the content.

Boxcryptor embeds itself into the process as a virtual hard drive and, with a right-click, encrypts all files located there before they are uploaded to the cloud. It is important to get a password manager, such as Password Depot. It creates complex passwords that no one can remember. Need to just don't lose master password for this program.

We use encrypted disks

Similar to TrueCrypt, utility wizard VeraCrypt guides the user through all stages of creating an encrypted disk. You can also protect an existing partition.

One-click encryption

Free program Maxa Crypt Portable offers all the necessary options for quickly encrypting individual files using the AES algorithm. By clicking on the button you start generating a secure password.

Linking the cloud to privacy

Boxcryptor Encrypts important files with one click before uploading to Dropbox or Google storage. AES encryption is used by default with a key length of 256 bits.

Cornerstone - Password Manager

Long passwords enhance security. Program Password Depot generates and uses them, including for encrypting files and working with web services to which it transfers data to access the account.

Photo: manufacturing companies

Open source has been popular for 10 years due to its independence from major vendors. The creators of the program are publicly unknown. Among the most famous users of the program are Edward Snowden and security expert Bruce Schneier. The utility allows you to turn a flash drive or hard drive into a secure encrypted storage in which confidential information is hidden from prying eyes.

The mysterious developers of the utility announced the closure of the project on Wednesday, May 28, explaining that using TrueCrypt is unsafe. "WARNING: It is not safe to use TrueCrypt because... the program may contain unresolved vulnerabilities” - this message can be seen on the product page on the SourceForge portal. This is followed by another message: “You must migrate all data encrypted with TrueCrypt to encrypted disks or virtual disk images supported on your platform.”

Independent security expert Graham Cluley quite logically commented on the current situation: “It is time to find an alternative solution for encrypting files and hard drives.”

I'm not kidding!

Initially, there were suggestions that the program's website was hacked by cybercriminals, but now it is becoming clear that this is not a hoax. SourceForge now offers an updated version of TrueCrypt (which is digitally signed by the developers), which prompts you to upgrade to BitLocker or another alternative tool during installation.

John Hopkins University cryptography professor Matthew Green said: "It is highly unlikely that an unknown hacker identified the developers of TrueCrypt, stole their digital signature and hacked their website."

What to use now?

The site and a pop-up alert in the program itself contain instructions for transferring TrueCrypt-encrypted files to Microsoft's BitLocker service, which comes with Microsoft Vista Ultimate/Enterprise, Windows 7 Ultimate/Enterprise, and Windows 8 Pro/Enterprise. TrueCrypt 7.2 allows you to decrypt files, but does not allow you to create new encrypted partitions.

The most obvious alternative to the program is BitLocker, but there are other options. Schneier shared that he is returning to using PGPDisk from Symantec. ($110 per user license) uses the well-known and proven PGP encryption method.

There are other free alternatives for Windows, such as DiskCryptor. Computer security researcher known as The Grugq wrote a whole last year that is still relevant today.

Johannes Ulrich, scientific director of the SANS Institute of Technology, recommends that Mac OS X users pay attention to FileVault 2, which is built into OS X 10.7 (Lion) and later operating systems of this family. FileVault uses 128-bit XTS-AES encryption, which is used by the US National Security Agency (NSA). According to Ulrich, Linux users should stick to the built-in Linux Unified Key Setup (LUKS) system tool. If you use Ubuntu, then the installer of this OS already allows you to enable full disk encryption from the very beginning.

However, users will need other applications to encrypt portable media that are used on computers running different OSes. Ulrich said that what comes to mind in this case is .

The German company Steganos offers to use the old version of its encryption utility Steganos Safe (the current version is 15, but it is proposed to use version 14), which is distributed free of charge.

Unknown vulnerabilities

The fact that TrueCrypt may have security vulnerabilities is a serious concern, especially since an audit of the program did not reveal such problems. Users of the program have raised $70,000 for the audit following rumors that the US National Security Agency could decode significant amounts of encrypted data. The first stage of the study, which analyzed the TrueCrypt loader, was carried out last month. The audit did not reveal any backdoors or intentional vulnerabilities. The next phase of the study, which would test the cryptography methods used, was planned for this summer.

Green was one of the experts involved in the audit. He said that he did not have any preliminary information that the developers were planning to close the project. Green said: “The last I heard from the developers of TrueCrypt was: “We are looking forward to the results of the phase 2 trial. Thank you for your efforts!” It should be noted that the audit will continue as planned, despite the shutdown of the TrueCrypt project.

Perhaps the creators of the program decided to suspend development because the utility is outdated. Development stopped on May 5, 2014, i.e. after the official end of support for Windows XP. SoundForge mentions: "Windows 8/7/Vista and later systems have built-in tools for encrypting disks and virtual disk images." Thus, data encryption is built into many operating systems, and developers may have found the program no longer needed.

To add fuel to the fire, on May 19, TrueCrypt was removed from the Tails secure system (Snowden’s favorite system). The reason is not entirely clear, but the program clearly should not be used, Cluley noted.

Cluley also wrote: "Whether it's a scam, a hack, or the logical end of TrueCrypt's lifecycle, it's clear that conscientious users won't feel comfortable trusting the program with their data after this fiasco."

Encryption is the process of encoding information in such a way that it cannot be accessed by other people unless they have the necessary key to decode it. Encryption is typically used to protect important documents, but it's also a good way to stop people trying to steal your personal data.

Why use categories? To break down the huge variety of information encryption programs into simpler and more understandable sets of programs, i.e. structure. This article is limited to a set of utilities for encrypting files and folders.

Utilities for encrypting files and folders - these utilities are discussed in this article. These encryption utilities work directly with files and folders, unlike utilities that encrypt and store files in volumes (archives, that is, file containers). These encryption utilities can operate in on-demand or on-the-fly mode.
Virtual disk encryption utilities. Such utilities work by creating volumes (encrypted containers/archives), which are represented in the file system as virtual drives with their own letter, for example, “L:”. These drives can contain both files and folders. The computer's file system can read, write and create documents in real time, i.e. in the open. Such utilities work in "on the fly" mode.
Full-drive encryption utilities - encrypt all data storage devices, for example, hard drives themselves, disk partitions and USB devices. Some of the utilities in this category can also encrypt the drive on which the operating system is installed.
Client encryption utilities in the cloud: a new category of encryption utilities. These file encryption utilities are used before uploading or syncing to the cloud. Files are encrypted during transmission and while stored in the cloud. Encryption utilities in the cloud use various forms of virtualization to provide client-side access to the source code. In this case, all work occurs in “on the fly” mode.

Cautions

Operating systems are vicious: echoes of your personal data - swap files, temporary files, power saving mode files ("system sleep"), deleted files, browser artifacts, etc. - will likely remain on whatever computer you use to access the data. It is not a trivial task to isolate this echo of your personal data. If you need to protect hard drive data while it is moving or coming from outside, then this is quite a difficult task. For example, when you create an encrypted archive of files or unzip such an archive, then, accordingly, the original versions of the files or copies of the original files from this archive remain on the hard drive. They may also remain in temporary file storage locations (aka Temp folders, etc.). And it turns out that the task of deleting these original versions becomes a task not of simply deleting these files using the “delete” command.

Just because an encryption program "works" does not mean it is secure. New encryption utilities often appear after "someone" reads applied cryptography, chooses an algorithm, and gets to work developing it. Maybe even “someone” is using proven open source code. Implements the user interface. Make sure it works. And he will think that this is all over. But that's not true. Such a program is probably filled with fatal bugs. "Functionality does not equate to quality, and no amount of beta testing will reveal security issues. Most products are a fancy word for 'compliance'. They use cryptography algorithms, but are not secure themselves." (Free translation) - Bruce Schneier, from Security Pitfalls in Cryptography. (original phrase: "Functionality does not equal quality, and no amount of beta testing will ever reveal a security flaw. Too many products are merely buzzword compliant; they use secure cryptography, but they are not secure.").
The use of encryption is not sufficient to ensure the security of your data. There are many ways to bypass protection, so if your data is “very sensitive”, then you need to also think about other ways of protection. You can use this article as a “start” for additional searches risks of using cryptographic software.

Overview of file and folder encryption programs

TrueCrypt was once the best program in this category. And it is still one of the best, but no longer corresponds to this category, since it is based on working using virtual disks.

Most, if not all, of the programs described below expose the user to non-obvious threats, which are described above in point #1 from the list.cautions . TrueCrypt, which is based on working with partitions rather than working with files and folders, does not expose users to this vulnerability.

Sophos Free Encryption- no longer available.

Quick selection guide (download programs for encrypting files and folders)

AxCrypt

		Integration with Windows Explorer context menu. AxCrypt makes it just as easy to open, edit, and save encrypted files as you would with unencrypted files. Use this product if you need to frequently work with encrypted files.
		The program uses Open Candy (installed with additional third-party software). If you want, you don’t have to install it, but then you need to register on the site.