FOR

Steganos Security Suite makes it simple for an individual to maintain privacy, both locally and across the Internet. A prime feature is the ‘Safe’ - a virtual disk on which files are maintained in an encrypted form. Whenever the operator opens the Steganos Safe, its contents will appear as if normal (and clear of encryption), gathered together as a particular device, whose letter is chosen in advance. When the Safe is not open, it is as if it was totally invisible, and its contents are encrypted. When the Safe is open, a special device driver module (software) directly decrypts and encrypts data requested from and sent to the Safe.

This important feature introduces the operator to strategies for keeping data private, and actually affords good protection when an unauthorized person attempts to use the station. In the worst case - when an interloper actually removes the hard record of data - he will find the files invisible under normal Windows, and unremittingly encrypted even if he has disk hardware hacking tools. The extra time imposed on the system to decrypt and encrypt data is quite negligible.

One section of Steganos is devoted to managing files and folders. With this you have another optional way of encrypting data, or making it effectively an invisible file, quite separate from the process of moving it into the Safe. With this File Manager you can make use of steganography - the technique of hiding written data. The theory behind steganography is that data privacy can be protected by hiding the information - quite apart from cryptography, which hides its meaning by converting its representation. With the Steganos Security Suite you can do both: you can encrypt a message, and then employ steganography to disguise the message entirely by incorporating it into a graphical file. Any large and detailed enough photo will do, for example. The vital message can be hidden within the graphic file and then (for instance) sent as an attachment to some email. If the recipient knows it’s there, she can extract the message from the file and decrypt it - but passers-by, hackers and interlopers will hopefully not even suspect that the message has been sent and received, because they have no reason to believe that the graphic was anything other than what it appeared to be.

Another featured module is the Internet Trace Destructor, which will selectively delete thoroughly pages from the Internet that the browser has written to disk as cache or temporary store, and erase all kinds of links that have been made. Of course, the theory is that given access to your computer long after you have been surfing on the Internet, another person can compromise your privacy and establish your taste, interests and sources of information. This little application does a thorough job of preventing this. Note that this is not an online tool to grant anonymity.

Not all users of data are aware that ‘deleting’ a file in a Windows system does no such thing; instead it ‘forgets’ (intentionally) the location of the file’s data on disk. Often this data is still present and not overwritten for a relatively long time after its supposed deletion. However, Steganos offers a function that does a secure deletion, which it calls ‘shredding.’ After using it, it should not be possible at all to resurrect a file; the data is truly gone.

One excellent feature is actually the simplest of applications using cryptography. The Password Manager is a secure receptacle for the recording of any keys, codes, passwords and so on, that apply to users’ operations. They no longer need to make a list of passwords taped to a desk, which is manifestly unsafe. By menu selection or by pressing a hotkey, the operator can invoke a lock on the computer. This lock forbids interference by another operator starting or terminating a program or any other function, but actually allows anything that is already running, or pre-selected programs. The lock can be removed only by supplying a valid password. In this way operators can leave their machines temporarily without compromising their privacy and no other person can take control of the computer while they are absent.

The advanced encryption standard (AES) is the method used within Steganos Security Suite to maintain the Safe, encrypted files and folders, and the Password Manager. Blowfish, on the other hand, is used for encrypting emails and for steganography. The Steganos Security Suite has several unrelated functions: encryption, steganography, a virtual safe, password maintenance, data shredding, station locking. Of these, only the Safe can be thought of as a seamless operation, performed automatically.

The suite is easy to use, extremely flexible, and that is perhaps its strongest characteristic. It can familiarize a novice operator with the primary principles of data privacy, and give a systems administrator an insight as to the nature of security policies that may be adopted later, when the enterprise expands. The price is low, and using the suite is pleasant and informative.
 

SC On-Line
SC Magazine
www.scmagazine.com