Cryptnos is a multi-platform, Open Source application for generating strong, pseudo-random passwords using cryptographic hashes. It combines a unique "site token" such as a website domain name with a master password and runs this data through a cryptographic hash algorithm to produce a password that is unique, lengthy, seemingly random yet completely repeatable. Unlike similar products, however, it is exceedingly flexible. It is not a browser plugin, so it can be used with other applications outside the Web. It provides unparalleled versatility by letting you specify the cryptographic hash to use, how many iterations of the hash to perform, what characters to include, and how long the final password should be. Best of all, it is exceedingly secure. Your master and generated passwords are NEVER stored, and the parameters to recreate your passwords are stored in an encrypted form.

Cryptnos is currently available for Microsoft Windows via the .NET Framework 2.0, as well as for Google Android powered devices. A version for pure Java is under development, as well as an HTML/JavaScript online version that should work with any browser.

Not sure if Cryptnos is for you? Try it online first!

Releases, Windows

Cryptnos for Windows 1.3.3 Released

March 13th, 2013 | Permalink | Comment?

We’re happy to announce that Cryptnos for Windows 1.3.3 is out in the wild. You can find the relevant download links on the official page or, if you have automatic updating turned on, Cryptnos should discover the new version in the not to distant future. Here’s a quick rundown of what’s changed:

We’ve (hopefully) fixed a nasty bug (Issue #8 in the issue tracker) that may be affecting users who run Cryptnos as an account with less than admin privileges. This seemed to crop up especially in corporate environments with strict security policies that heavily restrict users’ access. Surprisingly, this resulted in a complete loss of the user’s Cryptnos data, forcing them to restore from a recent backup. I prefix this with “hopefully” because the number of reports of this problem were very few, and we haven’t heard back from those folks who volunteered to test the fix to see if it worked. I too was affected by this and it appears to work in my instance, but without further feedback it’s hard to know for sure.

We’ve also granted another user’s request with Issue #10, at least partially. We’ve added a few interesting “hot keys” that let you toggle some settings or perform a few simple tasks right from the keyboard, for those old farts like me whose hands rarely leave the keys. In specific, we’ve added one hot key to toggle the “keep on top” setting, which allows you to quickly force Cryptnos to stay on top of other windows while you do something else, like manually type in your generated password. (Some folks prefer not to use the copy-and-paste method, and we can’t blame them.) You can also turn on and off “daily mode” via hot key now, as well as lock/unlock your parameters, copy generated passwords, and launch the Settings dialog, among other things. Full details on the new hot keys can be found in the HTML file, which conveniently launches when you press F1 (after you update, that is).

The generated password text box now displays its value in a monospace, “typewriter” style font that makes it easier to distinguish similar characters (like the letter “O” vs. zero or lowercase “L” vs. the number one). I feel rather sheepish that this wasn’t in there from the beginning, since I’ve run afoul of mistyping stuff myself because of the old font.

The update checking code has been revamped, including a lot more error checking during start-up. This will hopefully fix a number of issues folks have been having with this process. Oh, and since we’re talking about updates, we replaced the goofy “force update check on next launch” checkbox on the Settings dialog with an interactive “Check for Updates” button. That makes forcing an update check much, much easier.

Cryptnos now remembers its previous location on the screen and attempts to restore it the next time the program launches. This was a sticking point for me as I’ve been constantly moving the window from wherever Windows decided to place it today back where I last had it. I’m not sure how well this works with multiple monitor setups since I don’t currently have one, so feedback on this item would be appreciated.

There are also a few other minor, behind-the-scenes tweaks and changes that aren’t very interesting to talk about. If you’re curious, feel free to peruse the change log to get all the changes. As always, we love getting feedback on how we’re doing, as well as suggestions on how to improve. We’ve got some big changes planned for the future to really expand our features, although they’ve been very slow to implement. We really appreciate your feedback, support, and patience.

Happy downloading!

EDIT: One last thing I forgot! It is with deep regret that I have to report that we are officially dropping support for versions of Windows prior to Windows XP SP3. This was more forced upon us that something we chose to implement. Microsoft dropped support for these old versions quite some time ago, and now our installation compiler (InnoSetup) no longer compiles setup programs that even try to support them. So I’m afraid that if you’re running anything older than XP, 1.3.2 will be your last version of Cryptnos, or you’ll need to manually copy the files from another newer machine. We sincerely apologize to anyone affected by this, although I suspect that list may be very, very small.

Tags: , ,


On Version 2.0 and Windows RT

January 7th, 2013 | Permalink | Comment?

I apologize for the long stretch of silence, folks. I realize there haven’t been any new releases for a while, and likewise no news to speak of. As often tends to happen, I’ve been swamped lately with many different irons in many different fires, and unfortunately that means a number of things on my plate have had to sit on the back burner. Since Cryptnos has been relatively stable of late, it quickly became one of those back burner projects. I promise I haven’t forgotten or abandoned it; it’s just low on my priority list at the moment, something that will hopefully change very soon.

So I suppose you’d like to here a little bit of news on what we do have planned, wouldn’t you? Well, I can confirm that there is a Version 2.0 in the works for both the Windows and Android branches, both of which will hopefully add a number of long requested features. Chief among these will be a new “wizard” password creation mode that will take a series of requirements and generate a password that meets these requirements, all while maintaining Cryptnos’ original level of security. For example, many sites and services list a series of password creation rules not too dissimilar from these:

  • Must not be a previously used password;
  • Must not contain your profile ID or name;
  • Must be at least 8 characters but no longer than 20 characters;
  • Must have at least 2 upper case and 2 lower case letters;
  • Must have at least 1 digit;
  • Must not have more than 2 pair(s) for repeating characters.

Now the first two rules are not something Cryptnos could handle for you. Cryptnos does not store your passwords anywhere, nor does it care what your user ID or name really is. That said, the pseudo-random nature of Cryptnos passwords makes breaking those rules so statistically unlikely that we can practically call them impossible. Similarly, the third rule is easy enough to handle with Cryptnos in its present state: simply set the password length to 20 characters. This is the upper limit of the rule’s length range, and selecting anything less than that would mean artificially weakening the password unnecessarily.

But what about the rest of these rules? Cryptnos does not currently check for these states, although the pseudo-random nature of the generation process makes it hard to actually violate them. Despite this fact, I myself have run into the occasional instance where I’ve had to tweak my Cryptnos parameters because one generated password didn’t match an arbitrary rule like this. It’s a very simple problem to work around—I just increment the number of hash iterations until I happen to reach a generated password that matches the criteria—but it’s still something that would be convenient if Cryptnos did handle for us. (My manual solution does require a bit of work on my part to check that the generated password does not violate the rules.)

So the big new feature planned for Version 2.0 will be a “wizard” mode for creating new passwords. In this mode, you will still be able to set the “classic” set of parameters as before… or you can let Cryptnos choose the “best” options from a series of defaults, in case you don’t care about hash algorithms or the number of iterations. Then you’ll be able to specify a set of rules like the ones listed above. Cryptnos will translate these rules into a series of “classic” parameters and test to see if the generated password meets the specified rules. If not, it will tweak the classic parameters behind the scenes (such as incrementing the hash iterations or changing the algorithm) until it either matches your rules or gives up if it can’t find a match in a reasonable amount of time. Your rules will then be saved in the database, and day-to-day password generation will work just as it does now (Regenerate on Android or “Daily Use” mode on Windows). When it comes time to change your password, Cryptnos will recognize which generation method was used to create the initial password (classic or wizard) and load the appropriate the interface.

Since this change will be a pretty big one, I think we’ll be justified in bumping the version number up to the next major version. Unfortunately, that also means this one will be a lot more work. We’ll have to find the best way to define, present, and store these new rules, all while keeping the “classic” generation method available for folks (like me) who will still want to use it. More work, of course, means more time, so for now I can’t give an ETA on when this version will arrive. I’m still in the planning process at the moment, so it will be a while before we’ll see anything worth beta testing.

There are a few other things I’d like to squeeze into 2.0, such as improved support under Mono (right now it doesn’t work at all) and a general clean-up of the Windows UI to make it simpler and easier to understand. And of course there’s the long awaited and oft-neglected Java port, which will likely have to wait until the Windows 2.0 UI is stabilized. It’s coming folks; I promise I haven’t forgotten it.

And then there’s Windows RT….

I received a query at the end of the year regarding whether or not there will be a Windows 8 RT* version of Cryptnos. Sadly, I’m afraid the answer, at least for now, will be the same as the one for iOS: We’d love to do one, but right now it’s not practically feasible. The reason is pretty much the same as for iOS, too. Both mobile operating systems require very specific development environments, neither of which we have access to at the moment. For iOS, that means developing on a Mac (which I don’t have) and learning Objective-C; for RT, that means purchasing Visual Studio 2012, Windows 8, and ideally an RT device to test with. Considering that I just brought all my machines up to Windows 7, I’m not looking forward to going through another upgrade cycle just yet. And while I can sort of justify having both an iOS device and an Android device (after all, I had an old classic hard drive based iPod long before I got my first Android phone, so my music is pretty much mired into iTunes for now), justifying a third such device just for testing on a free (as in beer) app with no budget isn’t going to get very far.

Of course, it’s hard to predict what the future might hold. Fortunes change, and it’s also possible volunteers may step forth to take up the challenge. While I’d love to roll up my sleeves and get into iOS or RT development, it’s going to get harder and harder for me to do so by myself. However, if some brave soul wanted to take charge of a port to one of these platforms, I’d be happy to do what I can to promote and support it. Until I win the lottery (which will be difficult since I don’t play) or a volunteer steps up, for now I suppose Cryptnos Online will have to suffice.

That’s all the news I have for now. I wish everyone a happy and health New Year, and I hope my next post will be a long awaited release announcement!

* Note that Windows 8 RT is the “watered-down” tablet-only version of Windows 8. Cryptnos for Windows should still work on Windows 8 for desktops and laptops, although you may have to drop out of the “Metro” interface to the desktop to use it. At this time, Cryptnos for Windows if officially untested on Windows 8. There are currently no plans for placing Cryptnos in the Windows Store.

Tags: ,

Releases, Windows

Cryptnos 1.3.2 for Windows Released

June 11th, 2012 | Permalink | Comment?

Just popping in to quickly announce that version 1.3.2 of Cryptnos for Windows has just been released. This a minor bug fix to address Issue #6 in the issue tracker, pertaining to the sorting of site tokens (i.e. names) in the drop-down list when a new set of parameters has been added. Originally we were planning to hold off on adding this until we started work on version 2.0.0, but work there has been progressing much slower than we anticipated. This was a simple fix, however, so we were able to get it out in an afternoon. Sorry it took so long to get to it.

You can find the download links on the Cryptnos for Windows page, or if you have automatic updates turned on you should get the update notification sometime in the next few days. You can force an update by ticking the “Force update check on next launch” checkbox under Advanced Settings.

Tags: , ,

Android, Releases, Windows

Cryptnos for 1.3.1 Windows & Android Released

April 16th, 2012 | Permalink | 1 Comment

We are pleased to announce that Cryptnos Version 1.3.1 for both Windows (.NET) and Android have been released. This is a minor feature release for both platforms, but it also contains some updates to some of our third-party libraries. There’s also a little bit of code clean-up on the Android side which should slightly improve performance.

For both platforms, we’ve introduced a new requested feature that should slightly improve security. This feature allows the user to specify that Cryptnos should clear out the contents of the master and generated password text boxes (“Passphrase” and “Password” on the Windows client) whenever the application loses focus, i.e. Cryptnos is no longer the application that has the user’s direct attention. On Windows (and other .NET clients), this should occur if Cryptnos gets minimized or becomes obscured by another window; on Android, this occurs if the user taps the Home button or otherwise switches to another application without tapping Back to leave and close Crpytnos. In both situations, if the user returns to Cryptnos with this option set, the application will wipe out the contents of these password boxes to prevent anyone for seeing or reading their contents. If the user has selected to have the generated password copied to the clipboard, that copy of the password is unaffected. By default, this option is turned off to replicate the behavior of previous versions. You can find this new setting under each application’s Advanced Settings location.

On the Android side, we also added the ability to type/tap the Enter key while in the master password box to trigger generating the site password. This was already the default behavior for the Windows client, but implementing this on Android isn’t something built into the operating system so it wasn’t as obvious. Still, this was something that annoyed me about the Android client as well, so it seemed like an excellent addition. Note that on the off chance you might use the Enter character as part of your master password, this may break your generated passwords. Since this behavior is incompatible with the Windows client, we don’t think that will affect many people, but please let us know if it does affect you.

We also took the opportunity to upgrade ZXing (the QR code generating library) on the Windows side and the Legion of the Bouncy Castle (our crpyto library) on the Android side, both to the latest versions at the time of their release. You shouldn’t notice anything different with respect to this change, but this will hopefully prevent any potential bugs and security flaws that might be present in these modules.

Recently Google integrated a version of Lint into their Android development kit, so we took advantage of the impending release to run the Android version of Cryptnos through it. While many of the suggestions were trivial (and one completely broke Cryptnos so we had to back it out), we did find a few things to tweak that may slightly improve performance. You probably won’t notice it, but maybe folks on slower devices will see an improvement.

As usual, you can download the updates directly from the respective pages here on the site, or from the Google Code sites. Of course, we’d prefer you use the automated update options to keep you as up-to-date as possible. Folks who installed the Android client from the Google Play Store (formerly the Android Market) should get the update notification soon. The Windows client checks for updates once per week, but you can force an update check through the relevant option under Advanced Settings.

If you discover any problem with Cryptnos, please let us know and we’ll look into it as soon as possible. The time I personally have to devote to Cryptnos is a lot less than it used to be, but I try to work on it when I have the opportunity. The preferred place to report bugs or request features is through the Google Code issue trackers, which you can find links to from the various platform pages. While we do take issues via e-mail, we always repost them there for tracking purposes.

As always, thanks for using our humble little app for your password hashing needs!

Tags: , , ,

Android, Releases

Cryptnos for Android 1.3.0 Released

November 12th, 2011 | Permalink | Comment?

I may be sick today, but that’s not stopping me from finally releasing version 1.3.0 of Cryptnos for Android. OK, so it’s been a work in progress and most of the work has been done for a while, but I did get the last little finishing touches done today. If you installed Cryptnos via the Android Market, you should be getting the notification to upgrade shortly. If you installed the application manually, you can find all the download links on the Cryptnos for Android project page.

Here’s a brief run-down of the changes:

  • Probably the first change you’ll noticed is our new icon-based main menu. One of the biggest complaints we’ve had about Cryptnos is that the UI isn’t “pretty”. Version 1.3.0 improves things just a bit by adding a simplified main menu, as well as tweaking a few layouts and images to make things look a little better. It still won’t be winning any design awards, but at least it now looks like we put forth some sort of effort.
  • Following on the heals of our 1.3.0 release of Cryptnos for Windows, we’ve added the other half of the new QR code import/export feature. If you have one of a number of recognized third-party QR code scanning apps installed, you can now transfer codes from device to device using specially formatted QR codes. The currently supported QR code scanners are ZXing Barcode Scanner, QR Droid, and QR Droid Private.
  • Also mimicking Cryptnos for Windows, we’ve added the ability to selectively import sites from an export file. Gone are the days where it was all or nothing; now you can select any number of sites from a file, so it’s much easier (and less destructive) to import only certain sties from a file. You will also be warned if a selected site from the file will overwrite an existing site in the database, so there won’t be any nasty surprises.
  • Issue #7 requested a new feature to show master and import/export passwords in plain text rather than obscuring them. This can convenient if you happen to have a very long, complicated master password and you’re using Android’s notoriously unhelpful on-screen keyboard. It can also be a big security risk, so this feature defaults to off, mimicking the behavior of previous versions. You can find the option to enable and disable this setting in the Settings activity.
  • Finally, there were a number of little annoying bugs that have been needling me for a while which have been finally fixed. None of these were show-stoppers that greatly impacted usability, but I’m glad to see them finally fixed.

Android, Releases, Windows

Cryptnos for Windows 1.3.0 Released

October 13th, 2011 | Permalink | 2 Comments

We are happy to announce the release of Cryptnos for Windows version 1.3.0. While this isn’t a huge release that fundamentally changes how Cryptnos works under the hood, it does introduce enough new features to warrant the bump up the version tree from 1.2 to 1.3.

Here’s a quick run-down of the new features in this release:

  • Probably the most interesting new feature is “daily use” mode. This is a new operational mode that drastically reduces the size of the Cryptnos UI for day-to-day use. The vast majority of the time, most users want only one thing from Cryptnos: to get in, get a password, and get out. They don’t need or even want to see all the details of which hash algorithm is used, how many times it’s performed, how the resulting digest is manipulated, etc. So “daily use” mode provides a toggle that hides much of the UI that is disabled when you check the Lock Parameters checkbox. You’ll see the site name drop-down, the master password box, the Generate button, and the generated password box. That’s it. Cryptnos for Android does something similar by offering a “Generate Existing Password” menu option that only displays these fields. If you need to do something more advanced, such as change settings, edit or add new site parameters, or import or export data, you can toggle “daily use” mode back off to get the full UI.
  • Another new feature is the ability to export site parameters to a QR code. This is the first step toward the introduction of Cryptnos for Android 1.3.0, which will also include this feature. Cryptnos for Android will let you import and export site parameters from one device to another if you have one of a select group of QR code reading apps installed. Cryptnos for Windows adds the ability to export sites to a QR code, allowing you to import the site into an Android device equipped with Cryptnos just as easily. Note that since cameras are not as ubiquitous on desktops and notebook computers as they are on smartphones, the Windows client can only export to QR codes, not import. Special thanks go out to the ZXing team whose awesome barcode reader library enables us to do this.
  • We’ve enhanced the import process so you can now pick and choose which site parameters in a file you’d like to import. Previously, importing was an all-or-nothing process; if you wanted to import only certain sites, you’d have to be specific during the export process. Version 1.3.0 will now display the site names of the parameters in the file and let you select which sites you’d like to import. If a site in a file will overwrite a site already existing in Cryptnos, you’ll see the site name appear in red in the import dialog. You’ll also be warned if you’re about to import a site that will overwrite an existing one. This is also a feature we plan to port to Cryptnos for Android 1.3.0.
  • Now that “daily mode” makes the Cryptnos window much, much smaller, some folks might find it handy to be able to tell Cryptnos to float on top of other windows, even when it loses focus. This is especially useful for folks who prefer to type their passwords rather than copy and paste them, which is much less vulnerable to clipboard based attacks. Well, we’ve added a “Keep Cryptnos on top of other windows” option in the Advanced Settings dialog to do just that. This feature can easily be turned on or off, whichever you prefer. The default behavior is off, which is the same as found in prior versions.
  • And although this is entirely under the hood and invisible to you, we’ve updated our copy of the Legion of the Bouncy Castle Crypto API to the latest version (1.7). I’m not sure if any of the bug fixes and updates included in this release affect us, but we’d rather be safe than sorry.

One cool thing about this release is that it gives our Android users a glimpse at some of the new features we’ll be adding to their client soon. Many of these ideas were things we wanted to add to the Android client first, but we just happened to tackle them on the Windows side first by chance.

All of the download links have been updated, which you can find either off the Windows page here or off the Google Code site. If you have update notifications turned on, you should be getting the notice sometime within the next week. Let us know if you have any problems by posting on the Google Code issue tracker.

Tags: , , ,

Android, General, Java, Online, Windows

No News is Good News?

October 5th, 2011 | Permalink | Comment?

Well… sort of.

I apologize that there hasn’t been much in the way of Cryptnos news lately, folks. Truth be told, there hasn’t been any news primarily because there hasn’t been anything newsworthy to report.

When I started working on Cryptnos, I did so to scratch my own itch.  I wanted a password manager where I didn’t have to rely on anyone else, where I knew precisely what was going on under the hood, that was completely Open Source and open to scrutiny. I built the Windows version and the initial itched was scratched. Then I acquired an Android phone and wanted to have the same power and flexibility while I was on the go. The Android client soon followed; the second itch was scratched. However, I was not content with limiting Cryptnos’ use to just Windows and Android, especially in situations when neither of these clients were available to me (such as accessing a secure site on my iPod Touch). Cryptnos Online was born; the third itch was scratched. I came up with a few additional ideas to improve each version, discovered a few flaws with the help of some very diligent fellow users, and incremented each of these clients through a number of successive iterations. That’s when silence fell.

Unfortunately, now that my personal itches have been scratched, development on all versions of Cryptnos have slowed to a crawl. The Windows and Android clients do pretty much what I wanted them to do and I haven’t had any requests for enhancements in several months. There are several things I want to do to improve Cryptnos Online, but since I use it rarely myself there has not been much motivation. I’ve also had a great deal of work piled upon me at my other two jobs (my “day job” as a .NET developer and my comic strip), chewing up any available free time for Open Source development. This lack of time has also stalled all work on the Java client, another effort that has been on indefinite pause primarily because it’s not an immediate personal priority.

Does this mean that Cryptnos development is coming to a complete halt? Absolutely not! I have a number of ideas on how I’d like to improve the UI of the Windows client to make it smaller and more compact for daily use. I also would love to enhance the Android client to make the experience on Honeycomb and higher tablets better. I certainly don’t want to leave the Java client unfinished. The problem, unfortunately, is that Cryptnos has always been a labor of love that is purely at the mercy of my extremely limited free time. Since Cryptnos does absolutely nothing to pay my bills, it has to take a back seat to the jobs that currently do.

So what does this mean to you? Well, since my personal itches have been scratched, the big takeaway here is that if there’s something you’d like to see in Cryptnos, please use our Google Code issue trackers to make your voice heard. There is an issue tracker for both the Windows and Android clients. If you have a suggestion that you’d like to see that may affect either client (i.e. something fundamental to how Cyrptnos works rather than how you interact with the interface), you may post your request to either list and I’ll cross-post if necessary. That said, if you do make a request, please be patient and I will address it when I can. I’d love to see Cryptnos be useful to as many people as possible, so your input is extremely valuable.

Tags: , , , ,

Android, Releases

Cryptnos for Android 1.2.7 Released

July 22nd, 2011 | Permalink | Comment?

Folks, Cryptnos for Android 1.2.7 has just been released. It is now available for download here and on the Google Code site, and folks should be seeing it in the Android Market very soon.

This isn’t a very important update for most folks, and frankly if you already have Cryptnos installed and it’s working fine, you don’t really need to update. This is mostly a fix for a quirk in the Android Market that was filtering Cryptnos out of the list of available apps when it really shouldn’t have been. Android assumes that a touch screen is required for all apps unless you explicitly say otherwise. Cryptnos has always been usable and navigable without a touch screen, assuming you have a trackball, D-pad, or some other device to scroll through the on-screen controls. However, because we didn’t explicitly go into the application manifest and declare that the touch screen wasn’t required, the Market assumed it was and filtered out of the list. Thanks to this change, Cryptnos is now compatible with at least 532 different Android-based devices (that Google knows about).

Tags: , ,


A Free Software Redistribution Cautionary Tale

July 20th, 2011 | Permalink | Comment?

I wanted to quickly share a brief cautionary tale with those of you visiting us about the wild and wooly world of free software distribution and redistribution. Of course, coming from me, that will likely mean it will be nowhere near as quick or as brief as I originally intended, but at least I’m going to make an effort to keep it that way.

Over the past several weeks I’ve received a number of e-mails from several free software distribution sites. I won’t mention the names of these sites, nor will I link to them, to protect the innocent (or guilty, depending on your point of view). In each of these cases, the sites in question sent me a brief e-mail “congratulating” me on the inclusion of my software (both Cryptnos and its functional ancestor, WinHasher) into their download database. I was assured that my software had been “tested in [their] labs using several industry-leading security solutions and found to be completely clean of adware/spyware components”. (Well, that’s good to know. I would have never known that if they hadn’t told me.) I was presented with a nice graphic “to let [my] users know about this certification” as well as links to where they had “mirrored” downloads of both applications.

What bothers me about these notifications is that they were unsolicited. I did not contact any of these sites and request inclusion into their databases. That isn’t necessarily a problem; both Cryptnos and WinHasher are released under a GPL license, so redistribution is not only permitted but encouraged. What bothers me is that both applications are, from various standpoints, security applications and that the act of downloading security software, even when Open Source, from a third-party introduces risks that I’m not sure I’m comfortable asking my users to take.

Certainly I could take the assurances of these download sites at face value and assume that their download mirrors are secure and provide unaltered versions of my software. However, as someone who writes a security software product, that would be rather naive assumption to make. How can I be certain my application has not been compromised once it has left my server? While I have downloaded Cryptnos from at least one of these sites and compared its SHA-1 digest to that from our Google Code site, I have not yet been able to do so from any of the others, and I likely won’t be able to do so for every single release. For that matter, how am I to know it hasn’t been altered after I ran this test? Perhaps I am being overly paranoid, but in the realm of computer security, paranoid is the right frame of mind.

So I wanted to officially go on record by stating that the only official place to download Cryptnos releases is at our Google Code site. All download links on this site point to the Google Code site, both to conserve our bandwidth and to consolidate download count numbers. If you download Cryptnos from another site, you do so at your own risk. We cannot validate and authenticate every third-party download site, especially those we do not know about. You should always compare the cryptographic digest of these downloads against the digests posted here or at Google Code or, better yet, you should check it against the GnuPG digital signature posted for each release. If the digest or signature does not match, the download should not be trusted. This should go for all Cryptnos downloads, including those you may download from here. Since the digests and signatures posted here and at Google Code are “official”, they can be used to validate or authenticate third-party downloads. If you determine that a third-party appears to be trustworthy, then you may at your discretion continue to download Cryptnos from there in the future. However, you should still validate each release with the official one here to make sure you are getting what you think you are getting.

While we are grateful for the increased exposure and traffic these third-party sites have given us, we do so with an air of caution. This is only one official place to get Cryptnos, and everywhere else should be approached with caution until they have been vetted.


Android, General, Releases

Cryptnos for Android 1.2.6 Released

July 6th, 2011 | Permalink | Comment?

Just a quick note to announce that Cryptnos for Android 1.2.6 has just been released. Folks who have installed the app from the Android Market should be getting the update notification soon, while those who have downloaded the APK from here can find the appropriate links on the Cryptnos for Android page.

This is a small bug fix release to fix Issue #6 in the Google Code issue tracker. Although I thought there were enough checks in place to prevent this, it looks like there was a possibility that Cryptnos might throw an exception if the user’s preferred external file manager was no longer available. While I was unable to replicate the error itself, I could definitely see where it could occur. If the user’s preferred file manager is unavailable and Cryptnos does not detect this when the Import or Export activities are loaded, the button to launch the file manager may still be displayed (although it shouldn’t). If this occurs now and the user taps this button, Cryptnos will catch the exception, notify the user that the file manager could not be found, and ask them to check their preferred file manager setting.

Tags: , ,
« Previous Entries
» Next Entries