Rename files
Have you ever read articles about viruses, spyware, malware. and other harmful applications? I'm sure you have.
You have also noticed how they sometimes disguise themselves as system processes and other commonly used applications.
That's actually a really good idea. How about turning this against bad guys?
If you don't protect your computer very well or if you accidentally install infected application,
your computer may be infected by spyware. Right now Guarded Key is relatively new and it is not known to spyware,
but in future somebody might develop spyware that would try to find and steal the Guarded Key database
from your computer or USB drive, but we can make it more difficult to find the app and the database.
We can rename Guarded Key application executable and encrypted database file. When initializing Guarded Key database,
the application creates database file with 'edb' extension, therefore we have:
guardedkey.exe (executable file)
guardedkey.edb (encrypted database)
The application can be renamed to anything you want, but you need to keep extension.
Database must have the same name as the application executable, but extension can be anything
(except extension representing executable file). Database actually may have no extension at all.
Let's rename Guarded Key:
ABC_67894.exe (executable file disguised as another application)
ABC_67894.jpg (encrypted database disguised as a picture file)
Other examples:
svchost.exe (executable file disguised as system file which starts services)
svchost (encrypted database disguised as a file without extension)
Ultimatelly you can disable Indexing for the folder where the application is stored.
This will slow down considerably search for the application by content of the executable file.
When you find that your computer has suddenly started extensive hard disk operations and
no automatic update or similar process is running, this could be indication of infected computer and
spyware searching for Guarded Key database.
Spyware could also explore processes that are running, but this is not reliable
if you renamed the application and the application may not be running at all times.
What we have described here is somewhat hopeless attempt to protect the database.
Hackers are really good in what they do, we have to admit that.
If your computer is already infected, we can never be sure about anything.
Although encrypted database itself is useless, spyware could also monitor your keystrokes to
figure out password, so we have to do our best to protect ourselves and make it harder to
actually find the encrypted database.
Note: We will constantly continue to improve safety and
come with ideas how to prevent unauthorized users to download your database.
One of the ideas is having Guarded Key placed on the computer and start it first,
then insert USB flash drive. Application could monitor USB storage and when it shows up
in the system, it could immediately acquire exclusive lock on the database file,
so that no other application could access it (not even read it).
Join as on Twitter or Facebook, visit our web site and monitor our progress.
Copyright (C) 2011-2016 Robert Janik, Brno, Czech Republic
|