Steganos Blog

A new version of Steganos Safe 15 for Windows is available immediately.

The update will be offered to current customers within 24 hours for automatic download. An installation is recommended.

    • A problem closing a Safe in Windows 8.x — which in certain circumstances caused the computer to have to be restarted — has been corrected.
    • A problem was corrected in which the Safe main window was displayed in the foreground without reason after unlocking Windows
    • Notice: at this time, the problem corrections apply only to the individual product Steganos Safe, not to the Staganos Safe included in the Steganos Privacy Suite. An update for Steganos Privacy Suite 15 is planned for January 2014.

A new version of Steganos Online Shield for Windows is available immediately.
The update will be offered to current customers within 24 hours for automatic download. An installation is recommended.
  • Problems with connecting to the VPN server have been corrected
  • Connecting and disconnecting have been accelerated
  • A problem was corrected in which user-made deactivations of the automatic start with Windows were re-activated again after an update installation.
  • The notice for automatic repair of the VPN service (should it be compromised by other programs) will be displayed longer.

A new version of Steganos Safe 15 for Windows is available immediately.

Contains all changes listed below from Stegnos Safe 15.1 and Steganos Password Manager 15.1
The update for existing users will be offered for automatic download within 24 hours. Installation is recommended.

    • A system crash (blue screen) when closing a Safe still shown in Explorer in Windows 8.1 was corected
    • The user interface of Steganos Safe acts as expected after returning from Standby/ Sleep mode in Windows 8.x
    • The „Hot Keys“ (keyboard shortcuts) now act as expected
    • A problem with the displaying of more than six Safes has been corrected
    • „Open Safe automatically at Windows login“ now also works when the name of the Safe contains blank spaces
    • The error message „Safe cannot be closed“ although it was closed will no longer be displayed
    • Problems with the opening of portable Safes on certain computers were corrected („USB Starter Error“, „SLE Data not valid“)
    • The occasionally occuring error message „The Safe engine driver ist not completely installed“ will no longer be displayed

 

A new version of Steganos Password Manager 15 for Windows is available immediately.
The update for existing users will be offered for automatic download within 24 hours. Installation is recommended.

    • When starting the program, Windows no longer asks whether you want to allow the program to make changes on the computer
    • When the password of a keyring is changed, the encrypted keyring in the Cloud will immediately be set to the new password
    • In conjunction with Steganos Mobile Privacy for iOS or Android, the incorrect message that a new version of the keyring is available in the Cloud will no longer appear
    • It is no longer necessary to end Chrome for installation
    • Corrections of the English localization

Notice: For technical reasons, it is not possible at the moment to use the Password Manager Plugin (regardless of version) for Internet Explorer. We are working on a solution and recommend in the meantime that you use another browser (for example Firefox or Chrome)

A new version of Steganos Privacy Suite 15 for Windows is available immediately.

Contains all changes listed below from Stegnos Safe 15.1 and Steganos Password Manager 15.1
The update for existing users will be offered for automatic download within 24 hours. Installation is recommended.

Steganos Safe 15.1

    • A system crash (blue screen) when closing a Safe still shown in Explorer in Windows 8.1 was corected
    • The user interface of Steganos Safe acts as expected after returning from Standby/ Sleep mode in Windows 8.x
    • The „Hot Keys“ (keyboard shortcuts) now act as expected
    • A problem with the displaying of more than six Safes has been corrected
    • „Open Safe automatically at Windows login“ now also works when the name of the Safe contains blank spaces
    • The error message „Safe cannot be closed“ although it was closed will no longer be displayed
    • Problems with the opening of portable Safes on certain computers were corrected („USB Starter Error“, „SLE Data not valid“)
    • The occasionally occuring error message „The Safe engine driver ist not completely installed“ will no longer be displayed

 

Steganos Password Manager 15.1

    • When starting the program, Windows no longer asks whether you want to allow the program to make changes on the computer
    • When the password of a keyring is changed, the encrypted keyring in the Cloud will immediately be set to the new password
    • In conjunction with Steganos Mobile Privacy for iOS or Android, the incorrect message that a new version of the keyring is available in the Cloud will no longer appear
    • It is no longer necessary to end Chrome for installation
    • Corrections of the English localization

Notice: For technical reasons, it is not possible at the moment to use the Password Manager Plugin (regardless of version) for Internet Explorer. We are working on a solution and recommend in the meantime that you use another browser (for example Firefox or Chrome)

The new iOS version of Steganos Mobile Privacy is now available:

    • New Look for iOS7
    • Local keychains are deleted after disconnecting from the Cloud
    • A problem with the Dropbox connection, where sometimes several connection attempts were neccessary, was fixed.
    • Many small improvements, i.e. in the english localization

A new Steganos Online Shield 365 is now available:

    • The chosen country (Shield location) will now also be used for the automatic connection on Windows startup
    • Improved stability thanks to automatic repair of the VPN service, in case it was affected bei other applications
    • Fixed a problem which could in rare cases lead to a crash while connecting
    • More small improvement; i.e. on the connection screen of the free version, and in the spanish localisation

Gabriel Yoran
Gabriel Yoran, founder and CEO of Steganos GmbH

For the last several months, the Guardian and other media have been publishing snippets of confidential information revealed by former NSA contractor, Edward Snowden. This deluge of classified material has become background noise, to the extent that a general impression has now been formed that the US and UK intelligence services can pretty much do anything, and that no one is safe from their reach.

As a manufacturer of security software, we see it as our obligation to at least shed some more light on the subject. The data available for the task is limited since it is assumed that, with governments being involved, some details have been deliberately withheld so as not to endanger national security.

Can the NSA crack all encryptions?

The most important question first: Can the NSA (or its partners) crack all encryptions? We assume they cannot. But the NSA doesn’t have to. A large part of its work consists of intercepting data before or after it is encrypted. If the NSA had bugged your PC (which we can generally assume is not the case) the best encryption in the world would be useless, because the NSA Trojans would record the data in advance. So a “clean” PC is the prerequisite for successful encryption.

As a further measure, the NSA apparently attempts to persuade companies to deliberately incorporate errors or backdoors into their products in exchange for cash payments. This has never happened at Steganos. Steganos has never received any such request, nor does it implement backdoors, master passwords or similar devices into its products. Steganos is a German limited liability company based in Berlin and is not subject to any influence by the US, UK or any other country. Germany has strict data protection laws and does not currently have any regulations on the retention of data (a related lawsuit brought by the European Commission against Germany has yet to be decided). This situation makes Germany a good location for providers of security products. We very much hope that the political situation will not deteriorate here, but that, on the contrary, this location’s advantage is recognized and actively encouraged.

Personal guarantees by employees against infiltration

Based on these framework conditions, every Steganos employee is also obligated (as part of his or her employment or service contract) to abide by the German Federal Data Protection Act. They sign agreements based on United Nations’ transparency regulations to prevent outside influence and infiltration of the company by a third party.

Furthermore, Steganos has strict data protection guidelines that should also be as transparent for our users as possible. By the way, the guidelines for our VPN product, Steganos Online Shield, have just been called “pleasingly specific” by c’t magazine (issue 20/2013). Our product was given the best review of all those tested.

Beware of the ‘five-eyes’ countries and generally take precautions

All these measures can only work if no unencrypted data is stored on or transferred via servers in the US, Canada, UK, France, Australia or New Zealand. These countries have what is known as the five-eyes agreement that permits close cooperation between the respective countries intelligence services. If you want to play it safe in any of these lands, you should consider the following:

(a) If you use a VPN product, choose the Steganos Online Shield or OkayFreedom servers that are not located in any of the five-eyes countries (there are a wide variety of alternatives). Even though Steganos servers located in data centers maintained within these regions are safe, determining what happens to the data after it has been channeled through such areas is not always clear. Nor is it completely clear what occurs in other countries. Therefore, it is generally recommended that both the route as well as the user data are encrypted.

(b) Use encryption software to encrypt e-mails, cloud content and files. For example, the Steganos Privacy Suite encrypts the data on your local PC before it reaches the Internet.

Encryption is your friend

Whether you’re sending emails, attachments or using cloud storage, encryption is your friend. Trust the math, as security legend Bruce Schneier once said. There have never been any known attacks on correctly-implemented modern encryption procedures (such as AES 256 bit). Edward Snowden said in the Guardian: “Encryption works.” It makes no business or financial sense to go to the effort of implementing or paying for software containing backdoors. Cracking good encryption (with good passwords) is highly complicated and time consuming. It requires huge numbers of supercomputers connected in a series. Even then the outcome of such concerted attacks is uncertain.

But often the effort is not even necessary, since most users don’t encrypt their data. The NSA has approached security firms, email providers, cloud storage service providers and social networks. The US companies that (have to) help the NSA in any way are not allowed to discuss it – not just in the way they help, but even the act of collaboration in itself. Google, Microsoft, Yahoo, and now Facebook have filed lawsuits against this regulation. No such regulations exist in Germany.

Independence from governments and services

Another possibility for intelligence services to gather data is to tap into a local (W)LAN, in cooperation with network providers via their data centers or directly from deep sea cables. Advisable in all of these cases is a good encryption service that encrypts the data and, ideally, the transport route as well. TLS/SSL is a suitable process for the latter. This is performed inside Steganos Online Shield, Steganos Internet Anonym and OkayFreedom. The Snowden reports suggest that the NSA compromised the certificates necessary for secure encryption using this process. As a result, Steganos itself signs the certificates it uses in the products named above – without relying on American or other service providers who may have been forced to cooperate with the NSA.

We hope to have brought some clarity to this complex matter. The ongoing horror stories about the methods used by the intelligence agencies should not dissuade us from protecting our data using the best available methods or discontinue to work of making these complex techniques comprehensible and available for as many people as possible – free of political influence, backdoors and predetermined breaking points.

Subcategories

Page 6 of 7