Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account



Photo

Program to lock files on your flash drive.

- - - - -

  • Please log in to reply
26 replies to this topic

#1
Shayne

Shayne

    Newbie

  • Member
  • 27 posts
  • Joined 02-June 10
  • OS:Windows 7 x64
  • Country: Country Flag

Hello everyone!

 

I have developed a program that allows you too lock files on your flash drive. It's not the most secure thing on the planet. But it will keep the average joe from peaking at your files.

 

http://graniteportable.com/

 

If anyone has any ideas, or suggestions, then let me know :)




How to remove advertisement from MSFN

#2
jaclaz

jaclaz

    The Finder

  • Developer
  • 14,465 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag

I have a suggestion :), but you won't like it :(.

You simply cannot use "portable" and ".Net Framework" in the same page :w00t:, particularly when together with "4 or higher" :ph34r:.

Apart from the above, which is of course due to my allergy to .Net (let alone 4.0 or higher), I am sure that a few words explaining what the software does and what advantage/differences it features when compared to other similar solutions would be greatly useful.

 

jaclaz



#3
Shayne

Shayne

    Newbie

  • Member
  • 27 posts
  • Joined 02-June 10
  • OS:Windows 7 x64
  • Country: Country Flag

I have a suggestion :), but you won't like it :(.

You simply cannot use "portable" and ".Net Framework" in the same page :w00t:, particularly when together with "4 or higher" :ph34r:.

Apart from the above, which is of course due to my allergy to .Net (let alone 4.0 or higher), I am sure that a few words explaining what the software does and what advantage/differences it features when compared to other similar solutions would be greatly useful.

 

jaclaz

 

Well... That's very true :P However, don't all Windows 7/8 computers come with the .net framework 4 pre  installed? 

 

Edit: Actually I'm wrong. Windows 7 Comes with 3.5. I guess the first thing I'll do is change the required .net framework to version 3.0

 

NET Framework 3.0: Windows Vista, Windows Server 2008
.NET Framework 3.5 SP1: Windows 7, Windows Server 2008 R2
.NET Framework 4.0: Windows 8
.NET Framework 4.5: Windows 8


Edited by Shayne, 07 September 2013 - 01:48 PM.


#4
JorgeA

JorgeA

    FORMAT B: /V /S

  • MSFN Sponsor
  • 3,167 posts
  • Joined 08-April 10
  • OS:Vista Home Premium x64
  • Country: Country Flag

Good luck with the project, the goal sounds interesting but I'm sure I'm not the only one who could use a meatier description, for example:

  1. I see on your website that the file protection involves the use of a password. Is this a type of encryption, then?
  2. I also see that the program "allows you to hide your files from prying eyes." So, does it prevent the filenames from showing in Explorer? I can't tell how the program is intended to work (what it does).
  3. I understand about denying NTFS file permissions, but what is "cclid"? I didn't find anything that looked promising on the Web, although admittedly my search was brief.

Thanks!

 

--JorgeA



#5
Shayne

Shayne

    Newbie

  • Member
  • 27 posts
  • Joined 02-June 10
  • OS:Windows 7 x64
  • Country: Country Flag

Good luck with the project, the goal sounds interesting but I'm sure I'm not the only one who could use a meatier description, for example:

  1. I see on your website that the file protection involves the use of a password. Is this a type of encryption, then?
  2. I also see that the program "allows you to hide your files from prying eyes." So, does it prevent the filenames from showing in Explorer? I can't tell how the program is intended to work (what it does).
  3. I understand about denying NTFS file permissions, but what is "cclid"? I didn't find anything that looked promising on the Web, although admittedly my search was brief.

Thanks!

 

--JorgeA

 

Alright, let me give you a better description.

 

How it works is it has a folder called "vault." Everything in this folder is locked and inaccessible. In order to unlock the folder, you must start the program, and enter the username and password. Then when you close the program, it locks the "vault" folder along with all its contents.

 

CLSID (not sure why I wrote cclid) is used to change the behaviour of a folder. By adding a CLSID too a folder, you can change what happens when you click on the folder. For example, if you rename a folder and add ".{20D04FE0-3AEA-1069-A2D8-08002B30309D} " to the end of the folder name. The folder will now open "My Computer" instead of the folder contents. There is also a CLSID for a folder lock, which is what Granite Portable uses too lock the Vault.It combines that with the NTFS File permisions. First it uses the CLSID Folder Lock to lock the Vault, then it denies everyone access to the folder. By doing both these things, it makes the Vault semi secure and will prevent the average joe from accessing it.



#6
MrJinje

MrJinje

    Tool™ Developer

  • Developer
  • 1,048 posts
  • Joined 14-October 09
  • OS:Server 2012R2
  • Country: Country Flag

There is also a CLSID for a folder lock,

 

Interesting idea, which class ID is the folder lock.


Edited by MrJinje, 07 September 2013 - 10:48 PM.


#7
jaclaz

jaclaz

    The Finder

  • Developer
  • 14,465 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag

Good, now it is much clearer, thanks :).

I would throw on the table - in passing by - the additional use of an invalid folder name :w00t:, which may add some "protection" :unsure:.

http://www.msfn.org/...can-be-omitted/

http://www.msfn.org/...itted/?p=842843

 

jaclaz



#8
JorgeA

JorgeA

    FORMAT B: /V /S

  • MSFN Sponsor
  • 3,167 posts
  • Joined 08-April 10
  • OS:Vista Home Premium x64
  • Country: Country Flag

 

Good luck with the project, the goal sounds interesting but I'm sure I'm not the only one who could use a meatier description, for example:

  1. I see on your website that the file protection involves the use of a password. Is this a type of encryption, then?
  2. I also see that the program "allows you to hide your files from prying eyes." So, does it prevent the filenames from showing in Explorer? I can't tell how the program is intended to work (what it does).
  3. I understand about denying NTFS file permissions, but what is "cclid"? I didn't find anything that looked promising on the Web, although admittedly my search was brief.

Thanks!

 

--JorgeA

 

Alright, let me give you a better description.

 

How it works is it has a folder called "vault." Everything in this folder is locked and inaccessible. In order to unlock the folder, you must start the program, and enter the username and password. Then when you close the program, it locks the "vault" folder along with all its contents.

 

CLSID (not sure why I wrote cclid) is used to change the behaviour of a folder. By adding a CLSID too a folder, you can change what happens when you click on the folder. For example, if you rename a folder and add ".{20D04FE0-3AEA-1069-A2D8-08002B30309D} " to the end of the folder name. The folder will now open "My Computer" instead of the folder contents. There is also a CLSID for a folder lock, which is what Granite Portable uses too lock the Vault.It combines that with the NTFS File permisions. First it uses the CLSID Folder Lock to lock the Vault, then it denies everyone access to the folder. By doing both these things, it makes the Vault semi secure and will prevent the average joe from accessing it.

 

 

That's pretty cool -- thank you!

 

--JorgeA



#9
Shayne

Shayne

    Newbie

  • Member
  • 27 posts
  • Joined 02-June 10
  • OS:Windows 7 x64
  • Country: Country Flag

 

There is also a CLSID for a folder lock,

 

Interesting idea, which class ID is the folder lock.

 

The class ID is {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}

Good, now it is much clearer, thanks :).

I would throw on the table - in passing by - the additional use of an invalid folder name :w00t:, which may add some "protection" :unsure:.

http://www.msfn.org/...can-be-omitted/

http://www.msfn.org/...itted/?p=842843

 

jaclaz

Thanks. I'll add that to my list of ideas :P



#10
jaclaz

jaclaz

    The Finder

  • Developer
  • 14,465 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag

So, basically, the essence of the program can be reproduced in two lines in batch:

http://abhisheksur.w...-in-windows-xp/

 

jaclaz



#11
MrJinje

MrJinje

    Tool™ Developer

  • Developer
  • 1,048 posts
  • Joined 14-October 09
  • OS:Server 2012R2
  • Country: Country Flag

So, basically, the essence of the program can be reproduced in two lines in batch:

http://abhisheksur.w...-in-windows-xp/

 

jaclaz

I believe he said that it also removes permissions so that you cannot simply right click and rename the folder. 

 

So you'd probably have to take ownership, icacls, then rename the folder to get inside.   Seems childproof at the very least.


Edited by MrJinje, 09 September 2013 - 02:52 AM.


#12
jaclaz

jaclaz

    The Finder

  • Developer
  • 14,465 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag

I believe he said that it also removes permissions so that you cannot simply right click and rename the folder. 

 

So you'd probably have to take ownership, icacls, then rename the folder to get inside.   Seems childproof at the very least.

 

Sure :), check "essence" ;):

http://dictionary.re.../browse/essence

 

The comment was following of initial suggestion, only aimed to highlight how the *need* for .Net and/or .Net 4 was highly debatable.

 

To continue on the same path - with - let this be clear - no offence whatever intended to the actual Author of the nice Granite tool :thumbup:, this would more or less add a line to the batch using SECEDIT (or as you pointed out, some sequence of SETACL or similar tools):

http://www.robvander...com/secedit.php

 

There is nothing "bad" of course in using any language or environment but simple things should IMHO made as simply as possible (but not more), particularly if there is a scope into making the thingy "portable".

 

jaclaz


Edited by jaclaz, 09 September 2013 - 04:32 AM.


#13
ROTS

ROTS

    Member

  • Member
  • PipPip
  • 233 posts
  • Joined 22-September 12
  • OS:none specified
  • Country: Country Flag
Here is a good question. What if I insert the flash drive into an machine that does not understands what the hell an encyption is, on the folder itself?

#14
Shayne

Shayne

    Newbie

  • Member
  • 27 posts
  • Joined 02-June 10
  • OS:Windows 7 x64
  • Country: Country Flag

 

I believe he said that it also removes permissions so that you cannot simply right click and rename the folder. 

 

So you'd probably have to take ownership, icacls, then rename the folder to get inside.   Seems childproof at the very least.

 

Sure :), check "essence" ;):

http://dictionary.re.../browse/essence

 

The comment was following of initial suggestion, only aimed to highlight how the *need* for .Net and/or .Net 4 was highly debatable.

 

To continue on the same path - with - let this be clear - no offence whatever intended to the actual Author of the nice Granite tool :thumbup:, this would more or less add a line to the batch using SECEDIT (or as you pointed out, some sequence of SETACL or similar tools):

http://www.robvander...com/secedit.php

 

There is nothing "bad" of course in using any language or environment but simple things should IMHO made as simply as possible (but not more), particularly if there is a scope into making the thingy "portable".

 

jaclaz

 

 

I agree that things should be made simple. However, I plan on adding more features, possibly a portable start menu, so that's why I am using C# and not a batch file. As MrJine said, it is "childproof". The idea is too prevent the average person from accessing the files, and that's what it does :)

Here is a good question. What if I insert the flash drive into an machine that does not understands what the hell an encyption is, on the folder itself?

This doesn't use encryption to protect the folder. It uses NTFS File permissions and CLSID. 

 

If you were too plug this into a linux computer, I am not sure what would happen. Obviously the program would not run. But I'm not sure if linux would recognize the NTFS permissions or not.

 

Edit: Thank you for all the comments and suggestions :D


Edited by Shayne, 09 September 2013 - 11:52 AM.


#15
JorgeA

JorgeA

    FORMAT B: /V /S

  • MSFN Sponsor
  • 3,167 posts
  • Joined 08-April 10
  • OS:Vista Home Premium x64
  • Country: Country Flag

You're welcome, and thank YOU for doing this. It's an interesting idea and I'll keep watching it!

 

I, too, was curious what would happen if you plugged a flash drive, protected this way, into a Linux machine.

 

Maybe one could encrypt the file and then apply your program to the resulting file, as another layer of protection.

 

--JorgeA


Edited by JorgeA, 09 September 2013 - 05:51 PM.


#16
Shayne

Shayne

    Newbie

  • Member
  • 27 posts
  • Joined 02-June 10
  • OS:Windows 7 x64
  • Country: Country Flag

You're welcome, and thank YOU for doing this. It's an interesting idea and I'll keep watching it!

 

I, too, was curious what would happen if you plugged a flash drive, protected this way, into a Linux machine.

 

Maybe one could encrypt the file and then apply your program to the resulting file, as another layer of protection.

 

--JorgeA

 

I'm glad you are interested in my work :) I add encryption yet, but right now I'm working on adding a Start Menu type feature too the program.



#17
MrJinje

MrJinje

    Tool™ Developer

  • Developer
  • 1,048 posts
  • Joined 14-October 09
  • OS:Server 2012R2
  • Country: Country Flag

Does the GUID/CLSID still show as part of the folder name, like when I do it by hand.   Or could you use an .ini file to give the folder a different display name (hiding the clsid from potential googlers).

 

You know what I mean, like how the desktop.ini can give off a name from a string located in a DLL.

 

From my "Documents" folder.

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21770


#18
Shayne

Shayne

    Newbie

  • Member
  • 27 posts
  • Joined 02-June 10
  • OS:Windows 7 x64
  • Country: Country Flag

 

Does the GUID/CLSID still show as part of the folder name, like when I do it by hand.   Or could you use an .ini file to give the folder a different display name (hiding the clsid from potential googlers).

 

You know what I mean, like how the desktop.ini can give off a name from a string located in a DLL.

 

From my "Documents" folder.

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21770

I tried using a desktop.ini file, however I couldn't get it to make any changes to a folder. Maybe there's something I'm missing?

 

I've also added a start menu like feature to the program. :)
BTxtCvxCAAAWhmv.png


Edited by Shayne, 09 September 2013 - 11:05 PM.


#19
MrJinje

MrJinje

    Tool™ Developer

  • Developer
  • 1,048 posts
  • Joined 14-October 09
  • OS:Server 2012R2
  • Country: Country Flag

Here is my new trick to hide ugly GUID file names in pseudo locked folders.  With your desktop.ini and your customized string resource name, set the folder attributes to system hidden.

attrib +s +h B:\Locker.{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}

to unhide again.

attrib -s -h B:\Locker.{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}

Assuming you are removing their ability to rename the folder, this should create one more hoop for script kitties to jump through

 

FYI, this wasn't possible in XP, leading to all those complaints in the various threads on google, but this should work on W7 and above.


Edited by MrJinje, 09 September 2013 - 11:49 PM.


#20
JorgeA

JorgeA

    FORMAT B: /V /S

  • MSFN Sponsor
  • 3,167 posts
  • Joined 08-April 10
  • OS:Vista Home Premium x64
  • Country: Country Flag

 

You're welcome, and thank YOU for doing this. It's an interesting idea and I'll keep watching it!

 

I, too, was curious what would happen if you plugged a flash drive, protected this way, into a Linux machine.

 

Maybe one could encrypt the file and then apply your program to the resulting file, as another layer of protection.

 

--JorgeA

 

I'm glad you are interested in my work :) I add encryption yet, but right now I'm working on adding a Start Menu type feature too the program.

 

 

No need to add encryption to your program. The security-conscious among us already know that they can encrypt their files :), what's cool is the file-locking and -hiding features that you're facilitating!

 

--JorgeA


Edited by JorgeA, 09 September 2013 - 11:49 PM.


#21
Shayne

Shayne

    Newbie

  • Member
  • 27 posts
  • Joined 02-June 10
  • OS:Windows 7 x64
  • Country: Country Flag

Here is my new trick to hide ugly GUID file names in pseudo locked folders.  With your desktop.ini and your customized string resource name, set the folder attributes to system hidden.

attrib +s +h B:\Locker.{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}

to unhide again.

attrib -s -h B:\Locker.{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}

Assuming you are removing their ability to rename the folder, this should create one more hoop for script kitties to jump through

 

FYI, this wasn't possible in XP, leading to all those complaints in the various threads on google, but this should work on W7 and above.

I just tried that and got it too work. Now the CLSID is not visible :) Thanks!!



#22
MrJinje

MrJinje

    Tool™ Developer

  • Developer
  • 1,048 posts
  • Joined 14-October 09
  • OS:Server 2012R2
  • Country: Country Flag

On second look, there might be an other method that works on XP and possibly W7.   Found on an old zenworks post at novell.com   Untested by me, report back, don't forget to change to the correct guid.

 

http://www.novell.co.../tip/16652.html

REGEDIT4
[HKEY_CLASSES_ROOT\CLSID\{763370C4-268E-4308-A60C-D8DA0342BE32}]
"NeverShowExt"=""
[HKEY_CLASSES_ROOT\CLSID\{CF8EF420-3DF3-11d0-AC35-00C04FD9338A}]
"NeverShowExt"=""

Edited by MrJinje, 11 September 2013 - 01:34 AM.


#23
ROTS

ROTS

    Member

  • Member
  • PipPip
  • 233 posts
  • Joined 22-September 12
  • OS:none specified
  • Country: Country Flag

If you were too plug this into a linux computer, I am not sure what would happen. Obviously the program would not run. But I'm not sure if linux would recognize the NTFS permissions or not.


From my understinad, some Linux releases support NTFS permissions. Which completly destroys the reason for using Linux

#24
Shayne

Shayne

    Newbie

  • Member
  • 27 posts
  • Joined 02-June 10
  • OS:Windows 7 x64
  • Country: Country Flag

 

On second look, there might be an other method that works on XP and possibly W7.   Found on an old zenworks post at novell.com   Untested by me, report back, don't forget to change to the correct guid.

 

http://www.novell.co.../tip/16652.html

REGEDIT4
[HKEY_CLASSES_ROOT\CLSID\{763370C4-268E-4308-A60C-D8DA0342BE32}]
"NeverShowExt"=""
[HKEY_CLASSES_ROOT\CLSID\{CF8EF420-3DF3-11d0-AC35-00C04FD9338A}]
"NeverShowExt"=""

Okay thanks. I'll take a look at this. :)

 

Edit: The CLSID does not show up on XP even without trying to hide it.


Edited by Shayne, 11 September 2013 - 07:59 PM.


#25
Shayne

Shayne

    Newbie

  • Member
  • 27 posts
  • Joined 02-June 10
  • OS:Windows 7 x64
  • Country: Country Flag

Does anybody have Windows 8? It would be nice if somebody could test this program on it.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users