Macintosh Software Search: Try our fast new search technology  
|
Deals: Daily  /  Extended  |  Weekly Popular  |  Hot Picks  |  iPhone  |  AboutAdd a File +
  Main   Members
User "MEHMEH" Profile
user image
About T
Real Name:T D 
Posts:3
Recent Downloads:
  1. AppleJack
  2. Whamb
  3. Conversation
  4. MacIrssi
  5. Irssix
  6. WeatherPop
  7. WeatherSnitch
Software Wish List:
Members can add software listings on MacUpdate to their wish list for others to view for software gift ideas
User Reviews
icon
jFileCrypt 0.21
Type: Comments
Date: 6 May 2007 19:09

Just a few suggestions...

1) Blowfish's key length is variable from 4 to 56 bytes, however, Java's export restrictions only allow a maximum of 16 bytes. It's not 'Any length' as described in the 'Algorithm info' window.

2) ARC4's key length is variable from 1 to to 256 bytes, but again Java's export restrictions cripple this to a maximum of 16. It's also not 'Any length'.

3) The block ciphers only use ECB mode, and since a picture is worth a thousand words, I'll let the picture at the bottom of this section on Wikipedia explain why that's bad: http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29

4) RC4 is used in a more insecure way. There are no precautions taken against the Fluhrer, Mantin and Shamir attack.

5) The password input is used directly as a key, unless the password is greater than the key length, at which point it is hashed with SHA-1 and truncated to key length. Wouldn't it be better to just use truncated SHA-1 or SHA-256 in the first place? You might also want to use a salt.

6) There's no checking before decryption to see if the password entered was correct. I can understand the reason for this from a power user perspective, but Joe User is going to complain heavily to you when he decrypts his document with the wrong password and it comes out as garbage, but is still unaware of what went wrong.

icon
MatrixJam 0.0.2a
Type: Comments
Date: 12 Feb 2006 03:09

Dev deserves a cookie. Indeed very cool, and worth the download.

icon
Vuze 2.1.0.4
Type: Comments
Date: 27 Aug 2004 18:43

This is a great app, and by-far the best BT Client on Mac. It makes the Official Client look pathetic. Kudos!

The opinions expressed in the reviews are not necessarily those of MacUpdate. MacUpdate waives any legal binding related to the comments and opinions expressed in the reviews. Please contact MacUpdate politely if you wish for a comment to be reviewed by MacUpdate for removal.

back   Back to Main