I was just wondering if anyone has used SecureCard?
This app. sounds interesting but I don't think I want to risk my SD card testing it.

Thanks for any info!

it is not anything too interesting. it just encrypts files on the card on app enter/exit. point is: card is useless in a cardreader then.

it is not anything too interesting. it just encrypts files on the card on app enter/exit. point is: card is useless in a cardreader then.Sounds nice. However I suppose that many are using card as a drive or runs it on the card reader quite often so in that mind not so usefull. But btw here http://www.tranzoa.com/html/compete.htm are much of securing softwares if someone is searching something like that.

any encryption software will have the same problem as this one. the one possible solution i can think of it encrypt hardware blocks on read/write, and then make a driver for the major PC OSs so they can read them.

A worse problem with encrypting on exit is that because of the way flash is designed for write-leveling, the cleartext data is still there in flash, even after encryption. The security is quite low--just run good data recovery software on the flash, and you'll get all or almost all of the cleartext. Once cleartext is on a flash drive, there is basically nothing you can do to secure it, short of really low level access to the drive.

This is why Palm's encrypt-on-lock, and any other solution that encrypts data after an app exits, is no good at all on NVFS systems, and indeed is harmful by providing a false sense of security.

Wow, thank you all for your responses, especially Dmitry and Alex for putting these apps in a practical context :)

I guess the most secure way to store info. in my palm would be in internal RAM and backup with encryption to an sd card. At least this way, losing your sd card won't be so bad. Losing your pda may not be bad as it can be locked preventing access to data.

I believe Resco Backup uses zip file encryption which I believe is not that secure. I haven't tried NV backup, so I guess I'll read up on it next chance I get.

Once again, Thanks Guys!

Cheers

I'm sure Alex will chime in if I am wrong, but I believe that his NVBackup also uses zip encryption.

The bottom line is that anything within your Palm's memory that is REALLY important (passwords, PIN codes, and the like) should really be protected with a separate encryption program (keyring, YAPS, etc.), which will have a second layer of encryption beyond the basic zip encryption in the backup. I don't think it's reasonable to expect a high level of security from your backup program-- that's not its main purpose.

goonie, no. what alex and me mean is that if you want good encryption you should wait for him or me to make a REAL secure app that will encrypt data BEFORE it is written to flash:-)

Locking won't stop the determined hacker who can open the device and read the data off the chip. :-) This is particularly clear in the case of the Lifedrive, where popping out the drive is really easy, I understand.

which is why you need to encrypt before writing takes place :-)