TENS - Trusted End Node Security

Despite the fact this is waving a cape at a bull - the product's very well made.

So please - no heated arguments for or against government institutions.

The stand-alone encryption wizard is state of the art - giving military grade encryption a brand new face :laughing: .

The encryption wizard is a Java program and can be run on any device with a Java environment. If you raise a concerned voice - yes Java in the browser can be - is insecure - Java on the computer is not and the encryption wizard does not make use of anything browser related - I have tested it.


Don't you turn into ...


How do I know your software isn't full of backdoors?

Because doing so would violate principles of enlightened self-interest in exchange for no benefit. In other words, "we don't do that because that would be dumb".

The AES algorithms and their underlying Rijndael ciphers are well known, publically available, and extensively analyzed. No feasible attacks against AES have yet been demonstrated. The attacks which have been published to date fall into two broad categories. The first are academic/theoretical (in which the actual attack would take millennia, require calculating power that makes a Star Trek computer look like a microwave oven, or both). Technically this is faster than brute-forcing the keys, but still not practical. (my emphasize)

Some concluding observations from a pragmatic point of view:

  • Deliberate backdoors are a violation of our own tenets of cybersecurity.
  • If we were willing to hide backdoors in public software, we'd be willing to lie about it on a public webpage. Sending us an email to ask if we have backdoors is not a useful thing for you to do with your time.
  • A backdoor to a system needs a key. If the key to a backdoor were to get out (whether by accident, malfeasance, or disgruntled employees is irrelevent), then whatever is protected by that system becomes vulnerable. Given that the primary use of Encryption Wizard is to protect sensitive information relevant to the DoD, inserting a master backdoor would be dangerously risky and profoundly shortsighted.


As if others weren't able to create a better distro without any taxpayers' money. It's only advantage seems that it's approved by government for handling confidential and classified information.

Well - someone has to pay :slight_smile: and it is freely available - even the source code is available.

I am more interested in the encryption application.

As a distro it is still 32bit. The next edition will be 64bit, in a year given their previous update history.
The encryption application is a Java GUI for PGP probably.

What I mean is don't expect miracles from government software, rather the opposite.

The reason I find it interesting is the abstraction of the tedious tasks needed to protect sensitive information.

It is quite possible on Linux using other tools - but it often requires knowledge of command line and often it is not portable or requires a certain operation system to decrypt.

This implementation makes it incredible simple to protect sensitive documents with a strong encryption and the app itself is portable - requires no installation - only a recent version of Java - and the protected data is portable - transferable using any means - that be on an USB, a cdrom or electronic.

Do you - of the top of you head - know of a similar application from the repo or AUR?

I am searching for something like this - portable - not requiring specific systems - other than Java - to run?

Enigmail for Thunderbird.

I know that - but I am looking for a file encryption utility - capable of creating / holding archives of documents - with the same simplicity as the EW?

Everything I can find is disk encryption tools working at disk level - not file level.

For basic things I used 7zip. Created a password protected archive. I can't remember if there are other than the default algorithm.

I think I just found something - VeraCrypt - and recall I have heard the name before - just never associated with this kind of storage.

Let's go through the list "approved" by the GPG project.

Veracrypt again is for disks IIRC, you asked for folders.

Yes - but I found that a VeraCrypt volume can reside in a file - and can be moved around like any other files.

It is available for Windows, Mac and Linux. It is not quite the same - but it could be of use.

Unlike Enigmail It can encrypt files.

1 Like

You can also simply use gpg to encrypt single files - don't even need to create a key for that as gpg also supports symmetric encryption: gpg -c filename
Or openssl: openssl enc -aes256 -pbkdf2 -in inputfilename -out outputfilename

1 Like

You probably did know, but nonetheless: This goes for LUKS and/or any linux filesystem as well. Feature-wise Veracrypt just "adds" the support of other OSes.

1 Like

Forum kindly sponsored by