[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: Steganos Encrypted Safe NOT so safe
From:       support () steganos ! com
Date:       2007-04-26 12:55:39
Message-ID: 20070426125539.10833.qmail () securityfocus ! com
[Download RAW message or body]

In response to frankrizzo604’s comment, Steganos would like to dispel the rumor that \
its Steganos Safe encryption software is easily cracked. Steganos Safe enables users \
to create any number of secure virtual drives in which data is safely stored and \
encrypted. However frankrizzo604 goes through several steps ‘teaching’ users how to \
open others’ encrypted files. In his last step, he claims Steganos will ‘PUNISH you \
by resetting your encrypted drives passwords to "123" until you buy a registered \
copy’, implying that the password feature can be circumvented thus opening anyone’s \
safe. He conveniently left out that before he was able to reset the password to \
"123", he had to enter his original password to open the safe. Then, he saw this \
message box:

http://www1.steganos.com/support/screenshots/safe8_123_infobox.png

It is absolutely not possible to open any Steganos Encrypted File without having the \
original password. The Steganos support and development team reconstructed the \
process he described. It is not possible to open a Safe WITHOUT the original \
password. In the 2007 generation of Steganos products, Steganos decided to set the \
Safe attributes to write protect. Steganos would like its user to rest assured that \
their files are in fact still encrypted and safe from hackers. 


[prev in list] [next in list] [prev in thread] [next in thread]