I know there are a number of programers on this list.
I have a data partition, that I backup using a batch file, and Winzip 9 command line. It is a simple batch file, that collects my email programs, all my data files, zips them all up up and encrypts them using 256 AES. I end up with around a 2GB encrypted zip file. I have it scheduled to run every night and then every couple of weeks upload it to my personal FTP server, at my company, at a out of state location.
The problem is that anybody who looks at the batch file sees the 60 character AES key.
Anybody who has physical access to the computer has access to the key. How to I compile and encrypt this so it can not be de-compiled and hacked?
I know that I could encrypt the data partition, and then only need to back up the single encrypted image file. In fact, I am using a mounted Blowfish encrypted data drive, one for my data, and one for my email. I am zipping up the contents of those drives while they are mounted. So I need only copy the image files to another drive in order to back them up.
You are wondering why I don't just copy the blowfish image files as a backup. Because In order to access them, after the computer burned up in fire, or was stolen, or whatever, I would have to install the encryption program in another computer, and mount the drives, and then cross my fingers that there are no glitches or anomalies.
A zip file is a universal compression format, and Winzip has been around forever, and works on any version of windows. All I have to do is protect the key with the rest of my keys, and passwords, and restore the zip file on any windows box. I like to keep my backups simple, as well as secure. I have had too many failures, over the years with 3rd party backup programs. Unless you are testing them all the time you can never be sure that they will work the day you need them.
A few years ago I bought a little program that is suppose to compile and encrypt batch files, ...it is no longer around. I used to protect my scripts on customers computers, but I discovered a funny thing. When I ran scripts in exe form on a 98 box, that were written to run Norton Utilities System Works utilities... virus scan, disk doctor, speed disk..... I would find a collection of numbered text files in the root directory with my plain as day script file. The guy I bought the encrypted compiler never replied to my question about how this could happen.
so any thoughts on how I can protect the key in this batch file?
thanks
.--~~,__
:-....,-------`~ '._.'
` -,,, ,_ '~'
_,-' ,'`-__; '--.
(_/'~~ ''''(;