[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More



Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Share tech news, updates, or what's on your mind.

Sign up to Post

We have a number of Dell laptops running Windows 7 with BitLocker enabled, along with TPM (+ PIN) activated.  We're now about to start upgrading these laptops to Windows 10. What I need to know is if I need to clear the TPM in the BIOS before re-imaging these laptops.

The Windows 10 deployment will be BitLocker encrypted as well.  But since we're going from Windows 7 (Legacy BIOS) to Windows 10 (UEFI), we're having to wipe and reformat the drives. So the existing encryption for the Windows 7 install is not really relevant. The laptop will be returned to the same user.  With a newly encrypted drive, should existing TPM keys be cleared and reset before re-encrypting?

I know how to clear the TPM. I don't know if I "need" to clear the TPM, or if I "should" should clear the TPM.

I did a test upgrade (via SCCM), without clearing the TPM. In Windows 10, TPM was listed as active, but with "Limited Functionality".  

I then manually disabled BitLocker, cleared the TPM from the BIOS (which required extra reboot and re-entry into the BIOS to re-activate TPM), and re-encrypted the drive. TPM no longer shows a status of "Limited Functionality". It now shows "ready to use" (no owner?). Did I do something wrong?

(and further down the rabbit hole I go) When retiring computers, should we clear TPM in the BIOS after wiping the disk on the computer that's being retired?  Or am I over-thinking this?

Sorry about the multiple questions.
Starting with Angular 5
LVL 12
Starting with Angular 5

Learn the essential features and functions of the popular JavaScript framework for building mobile, desktop and web applications.

Hello -
A friend of mine has files on a USB drive that was infected with a virus. There was a ransomeware message stating their files were encrypted and asking them to pay a large amount of money if they want their files back. All of the files on the USB have a file extension of .pdf.zcdgu. Has anyone seen this before?  If so, is there a way to remove it?
Would like to assess the data analytics solution in terms of security/risk for service below
(which uses Cloud):

"AAA Solutions, a local- based data and analytics consultancy, provides Information Management and Analytics support to our clients. Our seasoned practitioners bring established tried and trusted models developed through years of practical hands-on implementation and successful project delivery of Data Warehouse, Business Intelligence & Analytics systems. We apply an optimum mix of descriptive, diagnostic, predictive and prescriptive methods to drive business value, cost efficiencies and manage risk.
    To establish the Forecasting & Analytics System (FAS) integrating with the top-of-the-line Business Intelligence system and automation of the external variable extraction process to streamline analytics workflow.
    Data Source is using Qlik N-printing;
    Data Integration & Transaction svcs is using MS SSIS;
    Data Marts layer is by MS SQL 2017;
    Power BI is by O365;
    our on-prem AD sync to O365 AD"

Can only currently think in terms of encryption of data in transit, at rest & at endpoint.
What about data integrity (ConnectDirect did checksumming), cloud security (esp this one)?

I like MS SQL 2017 (as MS SQL 2016 only offers DB encryption in Enterprise Edition) offers
DB encryption even for the non-Enterprise edition
Hello Experts!

I need your assistance with an issue concerning Java Encryption. What I am trying to do is to get the BlowFish method to function in the class file so that it can run, and output a following in Java:

Wil Wheaton is my hero!


Wil Wheaton is my hero!




What i'm looking for is output for the cleverpassword part but running into issues with cannot use non-static method, symbol, and does not over-ride abstract method. The method that I am using is implementing to the interface Encryptable for both files, excluding the driver and the Encryptable file itself. The Encrypt file is an Interface class and is implemented in the other two class files Secret and Password. The problem is the password file and the driver file.

Your help(s) is most appreciated.
We are using Gpg4Win to decrypt files we download from Concur.  The files are encrypted using the key we provided them.  We need to be able to download these files from any one of eight servers.  We have installed GpgWin4 on another server where we expect users to download the files and decrypt them.  This is our first of eight servers deployments.  We are not having success with decrypting the files.  We did use Kleopatra to import our files.  We created the personal key so we could certify but we did not publicize any keys.  We cannot get past this error:  gpg:  decryption failed: No secret key.  We know we have not done something correctly, but we do not have a clue.  Hoping to get some help here.
Hi, i have problem whith download Decrypting Cryakl from https://www.experts-exchange.com/articles/31579/Decrypting-Cryakl-1-4-0-0-1-4-1-0-FAIRYTAIL-Ransomware.html  (and decryptors.blogspot.com). Can help me whith download application?
I want test on CL I have one pc whith this encryptor. I know that he was installed through the RDP, and have some files and log's. Maybe you decryptor can help.
It will then be possible to transfer the information to others.

Thank you.
I want to password protect my external hard drive and pen drive. I tried searching online but not able to figure out best and safest way for doing this. I dont want to encrypt my entire data. Just a password protection is enough. Any good and free tool available for accomplishing this? Thanks.

This is Azizah Alqahtani

I just sent you email like this bellow and you response to give you the python code ..

Could you please help me to solve this problem,

I have to convert a python code to a Java code

Or rewrite the code with the same idea ?

The code is about one type of substitution cipher ?

If you can , I will send you the assignment page and my friend’s answer in python..

I have an issue where I'm seeing a discrepancy between what ShareFile is stating the storage consumption is to what is actually being consumed on our storage array.  ShareFile states 4 TB of usage while the storage array is reporting 27 TB.

Citrix support has told me that our version, 4.1 has an issue with deletion and suggested we upgrade to 5 to which we are working on new servers to replace the old.  We have been through 3 different versions from 3.0 upwards.

What concerns me is looking at the array I see multiple files of the same size but none of them equal to the highest size file we have shared.  It appears to me that the files are being broken up into pieces during the encryption process.

I'm new to ShareFile but not storage; my apologies if this is scatter brained...

Has ShareFile always had an issue with file deletion prior to 5.0?
Could ShareFile encryption be causing the overhead due to splitting files?
The NTFS cluster size is set for 15K and not 4K; this would cause overhead but could it account for that large of a difference?
Is it possible that the NTFS cluster size and file splitting with encryption is causing it?
Is there a way to correlate the file ID to a set of split files?

Any help is greatly appreciated.  Please query me for additional information as needed.  23 TB is a considerable amount of space to be waisted and has an associated cost.
I have a client with a windows 10 home edition os. He has come to us asking for a recommendation for encryption software to load on it.
My understanding is that because it is Windows 10 Home Edition, that he cannot load Bit Defender.
I am looking for some feedback as to whether anyone can recommend encryption software for this version of Windows 10 or as we already know, that he has to have Windows 10 Pro for Bit Defender to work.
Rowby Goren Makes an Impact on Screen and Online
LVL 12
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

Does anyone have James's decryption software for email-blackdragon43@yahoo.com.ver-CL
Your help would be apreciated. TY
Hi, I have a issue with PCI Compliance Scanning and Sonicwall weak encryption setting.  I believe all weak settings had been disabled or updated to stronger, but PCI scanning continuously find following: Mode: Main, Encryption: 3DES, Hash type: MD5, Auth method: GSS or XAUTH1, DH Group: Group 14.
Anyone who experience same? Thanks for all of you!
We have a x64 exe protected with VMProtector 1.6 - 2.5.  This is from an old file and I no longer have the original.  Is there a way to get the original files back?

What I need is:
- File have to be fully unpacked and functional.
- All encrypted strings should be decrypted.
Hi all. I’ve been crypted by version doubleoffset and I have a files (original and crypted) to help you create new version of decryptor. Crypted and encrypted files in https://yadi.sk/d/zI2_aUhN3apCJF 
I ask you to help me in decrypting the files.
Hi All,

I was asked a question today, and whilst I have some ideas, I figured it would be good to see what others think in case I am out of date or missing something.

I was asked what encryption option to use for storing confidential information on a cloud storage site.

The site allows encryption of whatever is uploaded, and they *claim* that they don't have the keys (and I believe them).  If we (the client) loses the keys, then the storage site cannot help them.  We have a good system for backing up the keys, and I will also have a copy that I will hold for them, and I am comfortable that this aspect is well covered and secure, both at their end and mine.

This is a secondary backup in case something happens to the office site drive backups they already have in place each day.

The backups include staff records and payroll date, so the client wants to pre-encrypt their bulk data backups prior to storing in the cloud site, which I am all for too.

They want to take the backups, combine them into a single file for a given date (the size of the backups makes this viable), and store that single encrypted file on the cloud site.

They were proposing to zip the backup  using 7-zip and apply the AES option with a password that is 23 random characters, followed by the date (so today would end in 20180814).  That way the password is really 23 characters, but all the passwords are different.

I am okay with that, but perhaps there are better options.  When asked, I …
Is the Instagram iOS app on my iPhone using an HTTPS SSL to encrypt all session activity from being viewed by my ISP? How do you know? Is there any evidence which proves all app activity on Instagram is encrypted or not encrypted?
We are evaluating options for email encryption.  We currently use ZixMail to encrypt sensitive information.  The ZixMail always requires the password to open the email and read it.  What other applications are there that offer this same option?  We are using Office 365 and the Microsoft EOP does not have the option to lock the email like ZixMail does, it will keep it in plain text, so if someone gains access to the email account they will be able to read the email.

I have started looking at Virtru for email encryption and was wondering what others are using.

Thank you
We clone laptops usning MDT (off line) . And when laptops get cloned they run a script to  run susprep and install some App and run encryption by  BitLocker in the end.
All clones run bitlocker except the one which was upgraded to windows 10_1803. The 1803 version of cliets have problems running encryption.They all hangs while in the process of encryption .Looks like they get used area encrypted by default when they get cloned.P;ease see screen shot of a master and cloned Master is Fully Decrypted and cloned has used spaced 100 % encrypted. If I stop the script before it starts running encryption process and manually decrypted a drive and restart script it runs perfectly fine.
How can I prevent MDT not to prevent encrypting HD ? I disabled BitLocker on a task sequence but it clones still has it on
I believe my service reference is using Triple DES encryption to communicate with one of our vendor's web services. The server we initiate the call from cannot have the 3DES cipher enabled due to PCI constraints.
How can I set my service reference in C# to use RSA instead?
Introduction to R
LVL 12
Introduction to R

R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.

Microsoft Exchange 2016 Vulnerabilities:

We have vulnerabilities for below two points on Exchange 2016.
If we take action and make any changes, does it negative impact on our Exchange servers?
We have total 12 Mailbox Server, 1-WITNESS Server, 1-DAG CLUSTER. Please suggest  on below vulnerabilities.
Need your valuable inputs.

1) 3DES configuration in registry, & 
2) Disabling “SendExtraRecord” parameters in registry.

SSL Medium Strength Cipher Suites Supported      The remote host supports the use of SSL ciphers that offer medium
strength encryption. Nessus regards medium strength as any encryption
that uses key lengths at least 64 bits and less than 112 bits, or else
that uses the 3DES encryption suite.

Note that it is considerably easier to circumvent medium strength
encryption if the attacker is on the same physical network.

SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST)      A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow
information disclosure if an attacker intercepts encrypted traffic
served from an affected system.

TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are
not affected.

This plugin tries to establish an SSL/TLS remote connection using an
affected SSL version and cipher suite and then solicits return data.
If returned application data is not fragmented with an empty or
one-byte record, it is likely vulnerable.

OpenSSL uses…
I have a Lenovo ThinkPad T470 that every time it reboots BitLocker (BDE) gets tripped.  If I force shut down and turn back on most often it boots into the OS (Win 7 Pro).  But, any warm reboot and it trips.  I've suspended and rebooted with it suspended several times but as soon as I re-enable, problem is back.

Enterprise setting; Image is deployed via Network and BDE encrypts the entire drive as the task sequences execute.  It normally boots into regular logon and disk encryption complete but not this one.

I SUSPECT bad drive (SDD) or controller but have no idea how to prove it for warranty.

T470's have SSD with NVMe via M.2 (and I can't find a GOOD diag tool for this hardware combination.  Most diags I find can't handle the M.2 and never see the SSD at all).  I have wiped and reimaged a second time just in case the first deploy was defective.  Same problem.

So the actual question would be two-fold.  
1.  Does anyone know of a good diag tool for the above hardware
2.  Feedback on WHY this one, machine is giving me headaches!
hi there,

Currently I'm trying to create, sign & broadcast bitcoin transaction using btcsuite. For start, I've already had testnet3 address & its associated privatekey for testing. However, hunting through the post and articles like below:-


The solution proposed above its not complete, for first one, it only covers until signing (i knew the author claimed its not broadcastable unless you provide the utxo which i did if i'm right) but when tried to braodcast it failed with message

"Error validating transaction: Transaction be9b294695bfb201a5cff32af074a4bf72b073e3c9dad1969111165bf118a622 orphaned, missing reference f0c0d3b3eecf911ede996a74ceadc9366068791450c9e6bacee9ae202f3690d1."

I have no idea what's going on and I suspect its script is incompatible.

So, the bottom line is I just want a workable example in bitcoin testnet3 that shows "from 1 address transfer some bitcoin to other address" by showing the process of creating raw transaction, sign it with private key, turn it to raw transaction in hex format & broadcast it using something like https://live.blockcypher.com/btc/pushtx/ (BTC testnet)

currently my code is as follow:-

package main
import (

Open in new window

It’s a sync / backup ?

If it syncs a problem can you revert backwards ?

I am looking for a disk encryption system that can:

1.      Encrypt all files on all computers in our company.
2.      Inside our company, use transparent encryption described in https://en.wikipedia.org/wiki/Disk_encryption so that all files can be copied or moved as if they were not encrypted.
3.      When copying or moving the files outside our company, the files stay encrypted. This is to prevent any employees from copying confidential data outside our company.

I have studied MS Encrypted File System and BitLocker, but both seems cannot support the third feature. Therefore, I just wonder whether there are other tools that can support all.

bitlocker encrypted drive on usb: we have a laptop with ssd drive with bitlocker encryption that crashed and won't reboot to windows.  Before reinstalling Windows 10, I'd like to know how to put the drive on external usb on another computer to try to retrieve data from it.  It just says it's not accessible and doesn't have an option to put in the encryption key.


Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.