Comodo Disk Encryption Wishlist V1 [locked]

[Guest]

[3xist]

In preparation for Comodo Disk Encryption, Coming Soon!

Thread locked for now.

[umesh]

Thread opened for adding future enhancements.

[smithisize]

Not sure what to call this. But say I was running an FTP server. I would love to be able to encrypt the entire disk, but let the users of the FTP server read/write to their perspective folders.


Thanks

[Radu Vornicu]

Not sure what to call this. But say I was running an FTP server. I would love to be able to encrypt the entire disk, but let the users of the FTP server read/write to their perspective folders.

Thanks

You can do that using the current version. When the user connects to you ftp and tries to upload or download a file, he is accessing that information using your computer ( through the comodo encryption driver ). Basically if you see the disk / partition / user folder then they see it to.

[smithisize]

So it has the ability already? Will it leave the rest of the disk, including those files, encrypted to say someone who tries to physically access the computer?

[Andrei Ciubotaru]

So it has the ability already? Will it leave the rest of the disk, including those files, encrypted to say someone who tries to physically access the computer?

You should have no problem doing this with the current version. Let's say you use CDE to encrypt D:. Here you have you FTP root folder. If you had the proper USB stick then you are able to see the D: drive... and if you do all other application can. This includes FTP server also... which "feeds" whatever clients ask for... so they won't have a problem seeing their folders.

Conclusion: If you are running a FTP server and want to encrypt the drive containing the client folders, you can do it, but take into consideration that you have to use the USB key so the FTP server can see the folders.

[smithisize]

Ah I see.


So there's no way to encrypt everything except for what the FTP server uses? Or giving the server permissions, via disk encrypt software, and abilities to decrypt the user folders on the fly?

[Emanuel Sescu]

CDE does not support folder encryption. Only disk (partition) encryption can be performed.
For your FTP server you can use windows file-system encryption to encrypt folders outside root partition, and root partition can be fully-encrypted with CDE.

[Andrei Ciubotaru]

Ah I see.


So there's no way to encrypt everything except for what the FTP server uses? Or giving the server permissions, via disk encrypt software, and abilities to decrypt the user folders on the fly?

I think what you really want is a FTP server that supports user folder encryption. Sounds interesting, but I do not see the use... The only person that could spy on user data is the FTP server admin. If you properly configure the FTP Server, a user cannot remotely access other users folders. This means the only use of encrypting user folder content would be to keep the info hidden from the eyes of the Admin... If you worry about this, then your Admin is the problem:).

As Emanuel mentioned, CDE is for disk encryption. It works with disk not with files/folders.

[smithisize]

Oh ok.


lol the admin's not the problem because I am the admin. And I know how to configure the FTP, because I'm running it now. I just thought it would be useful should some internet bot get lucky and hack it


Well thanks for your time, and I'll look into some server software with user folder encryption.

Thanks,
Marcus

[hbobeck]

Thread opened for adding future enhancements.

I noticed that upon removing the USB stick, the encrypted drives (I'm working with external USB HD's) stay accessible until the computer is rebooted.

Would it be possible to return to "encrypted" state from the moment the USB stick is removed?

This would be useful when working with encrypted partitions on computers which are used by several people.

Thanks,

Harry

[Riven]

I noticed that upon removing the USB stick, the encrypted drives (I'm working with external USB HD's) stay accessible until the computer is rebooted.

Would it be possible to return to "encrypted" state from the moment the USB stick is removed?

This would be useful when working with encrypted partitions on computers which are used by several people.

Thanks,

Harry

I prefer that staying that way. I have old notebooks with 2 USB and having one used 100% will kill the mouse, at least, because it's using the other USB for others tasks (wireless usb, for example).

[spasserfan]

CDE does not support folder encryption. Only disk (partition) encryption can be performed.
For your FTP server you can use windows file-system encryption to encrypt folders outside root partition, and root partition can be fully-encrypted with CDE.

Will folder/file encryption be added in a later version? That is my wish on this list.

[DaRtH VaDeR.]

Good day,

I have read that hackers found a way to bypass security of disk encrypted files that were hidden (this is extra safe), this way the hidden encrypted files were visible; this could be achieved because Google desktop and some other programs left traces which could be hunt down...  I don't know if Comodo Disk Encryption has build-in protection against this kind of attacks, but if it hasn't it will be nice to add it.. Also I do not know if Comodo Disk Encryption has support for encryption of files/hard disk (partition) and the ability to make it invisible...

On Youtube there is this video that made me concerned about the "hack proofness" of certain disk encryption solutions:

http://www.youtube.com/watch?v=JDaicPIgn9U

I also hope Comodo Disk Encryption can resist this kind of attacks, and if it can not at this stage I hope it will be added in the future...

 

 

[CGPMaster]

I've Watched that video and i also called up my BlackHat Friends and see if they could "break into" a encrypted hard drive and no luck.
so With out the key (usb) cannot be recovered unless you could take the image of the disk drive and start guessing the key's data to make a complete "Virtual Key" To unlock the encrpted date but this method takes patience and also knowledge...
there are other methods as well.

but my wish for a added feature i would like to see the other way around also, were you encrypt the usb to only work on that computer,
also to give brief info on the Cryption Methods
also to make the encrypted drive unformatable (option to enable or disable) unless key is detected..
Also, i would like if it is possible
for the user to have a option to delete a file securely (unrecoverable) or (unrecoverable with out the key)

Very Nice Product Good Job!

(I've tested different break in methods on a 2.4 GHZ winxp pro 2GB Ram and a 750GB HD and still testing)

Comodo Semper Fi!

[Tags:]