What languages are supported in FinalCrypt ?
Afrikaans, Amharic, Arabic, Armenian, Azerbaijani, Basque, Belarusian, Bengali, Bulgarian, Burmese, Castilian, Catalan, Chinese, Croatian, Czech, Danish, Dutch, English, Esperanto, Estonian, Farsi, Finnish, Flemish, French, Georgian, German, Greek Modern (1453-), Gujarati, Hebrew, Hindi, Hmong, Hungarian, Icelandic, Igbo, Indonesian, Italian, Japanese, Javanese, Kannada, Kazakh, Korean, Latvian, Macedonian, Malay, Maltese, Marathi, Moldavian, Moldovan, Mong, Mongolian, Nepali, Norwegian, Panjabi, Pashto, Persian, Polish, Portuguese, Punjabi, Pushto, Romanian, Russian, Serbian, Sindhi, Sinhala, Sinhalese, Slovenian, Sotho Southern, Spanish, Swahili, Swedish, Tagalog, Tajik, Tamil, Telugu, Thai, Turkish, Ukrainian, Urdu, Uzbek, Valencian, Vietnamese, Western Frisian, Xhosa, Yoruba, Zulu
Languages can be corrected and added to FinalCrypt. Please read instructions here
How did this software get the name FinalCrypt ?
The software deserved an appropriate name. The most important property is One-Time Pad Encryption which can't be broken
Non OTP encryption algorithms will be broken over time. OTP encryption truly is final so therefor it was named FinalCrypt
Is it legal to protect my privacy with FinalCrypt ?
Imagine strangers invading your house, closely observing you and your family members in detail, searching through all your papers and correspondence
In real life this would never be tolerated, but on our computers and cell phones we have no clue. Big Tech knows that you don't know and gets away with it
In most countries privacy is a constitutional right, because it is a very reasonable Human Right by Article 8
Why was the Creative Commons License chosen ?
Because Creative Commons License - Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0)
legally protects FinalCrypt from people building in back-doors and release a malicious version of FinalCrypt to the public
The more popular GPL3 license does not protect software and users against malicious changes being released to the public
Changing the FinalCrypt source code for personal use is allowed of course
Does FinalCrypt gather privacy sensitive information ?
No, that's private, but FinalCryot's IP address and User Agent String is logged on every Check Update
When FinalCrypt checks for updates it fetches the VERSION2 file just like every Browser would do that
This is how we know how many users there are and what FinalCrypt Version runs on what Operating System
Further than that nothing else is gathered or uploaded
Is FinalCrypt regularly independently tested for safety ?
Yes, all FinalCrypt releases are uploaded to VirusTotal to be scanned for malicious software at 70 anti-virus companies
Please feel free to check FinalCrypt your self for spyware or malware any way you wish or Test FinalCrypt Checksums here
Can other people get involved in the FinalCrypt project ?
Yes absolutely, there are a number of voluntary roles available:
Web Hosters to host and mirror the FinalCrypt website
Translators to translate FinalCrypt to other languages
Ambassadors to promote and create public attention for FinalCrypt
Test Engineers to test FinalCrypt on different systems (where possible)
Security Engineers to find possible exploits and vulnerabilities in FinalCrypt
Support Engineers to support FinalCrypt users on different systems (where possible)
Please contact me if you wish to volunteer: Email | Telegram
How can we say thank you ? Do you accept donations ?
Every “thank you” is really appreciated, but FinalCrypt depends on users spreading the word as I don’t have the financial means to advertise
I don't accept donations, but please thank me by sharing online. FinalCrypt is also a public protest telling “Big Brother” enough is enough!
Where do I find FinalCrypt's history and log files ?
In your home directory you'll find a subdirectory called: ".finalcrypt\log" (notice the ".")
FinalCrypt 6.3.2 introduced a new "Logs" link at the bottom which directly opens a FileManager
What Operating Systems are supported by FinalCrypt ?
All the major Operating Systems are supported
Microsoft Windows: XP, Vista, 7, 8, 10 etc.
Apple OSX 10.7.3 or higher
Linux (many distribution)
BSD: FreeBSD, GhostBSD (OpenJFX)
HPUX (best effort)
AIX (best effort)
The major Mobile Operating Systems are not supported
The non major Mobile Operating Systems are best effort supported
If anyone has the opportunity and wants to test FinalCrypt on PureOS or Plasma Mobile then you're more than welcome to ask for support
Where does FinalCrypt create the automatic key files ?
The short answer is in the Key Directory (selected on the right panel)
Just remember: Key File = [Key Directory] + [Full Path Encrypted File]
Here is an example:
Encrypted File: C:\Users\steve\Documents\My secret loveletter.doc.bit
Key Directory : D:\KF\
Auto Key File: D:\KF\C\Users\steve\Documents\My secret loveletter.doc.bit
If your target files moved to another location and FinalCrypt can't match the keys then there's a trick
Click the Missing Keys number (right panel in FinalCrypt) and FinalCrypt prints the missing key files on the log section.
Search for these key files and restore them to the new matching location. Once restored, FinalCrypt will show them as Matched Keys.
Can you tell us a bit more about the (Auto) Key Directory ?
Your Key Directory holds your One Time Pad Key Files which are automatically created and selected
The first time you use FinalCrypt you can select any empty directory as your (Auto) Key Directory
It's highly recommended that your Key Directory of choice is stored on a fast external USB drive
Every time you start FinalCrypt you go into that same Key Directory (on the external USB drive)
More information on: how Automatic Keys works
It is highly recommended that you also set a password when encrypting in case your key files are lost / stolen.
Backup your encrypted files AND key files together on an external (USB) drive
For more info please see: "How do I best backup my encrypted files and key files ?"
I can't find the Create Key Button anymore! Is it deleted ?
Please don't use the Manual Create Key Mode anymore as Automatic Key Mode has become the standard for some time now
From version 5.6.2 the Create Key Button was removed to prevent confusion on how to use FinalCrypt's Automatic Keys
An invisible link appears when hovering over the "Select One-Time Pad Key Dir" Label to create manual keys (if needed)
Here is some history on FinalCrypt Keys:
Initially FinalCrypt started without Key Generator, allowing users to select personal images and videos as key files
The idea was that even supercomputers couldn't guess (render) all combinations until it bit accurately got a picture of me and my cat
Crypto experts then said that FinalCrypt was actually a sort of One-Time Pad Encryption breaking OTP rules because of two reasons:
1. Personal images or videos are NOT truly random
2. Re-use of keys (1 key encrypting multi files) causes drastic deduction of random key patterns making encrypted files vulnerable
In version 2.6.0 I added the Create Key button with a cryptographically strong random number generator to comply with One-Time Pad security
In version 5.0.0 I added Automatic Key generation, which allowed FinalCrypt to (batch) encrypt all files with One-Time Pad security by default
How secure are FinalCrypt generated cryptographic keys ?
FinalCrypt uses the Oracle java.security.SecureRandom class as its cryptographic random number generator
Oracle's java.security.SecureRandom is FIPS140-2 & RFC1750 compliant and generates non deterministic output
However, in every external dependency hides a potential uncertainty, which is why extra precautions have been taken
FinalCrypt extra seeds and encrypts two SecureRandom streams with each other to generate even more secure random output
This costs 25% in performance, but the product of these extra precautions add an extra layer of random security to the keys
In 2013 it was confirmed that the NSA inserted a backdoor in the NIST certified cryptographically secure pseudorandom number generator
Breaking encryption is the NSA's core business, therefor (as a cryptographic software developer) you can never be too cautious!
Can you explain a bit more about how the password works ?
Using a password is optional, but highly recommended in case your key-files are lost or stolen
The optional password effectively encrypts your files twice (multi key encryption) in addition to OTP key encryption
When someone finds your encrypted files (encrypted without password), together with your key files then they could simply decrypt them
When you encrypt your files with an optional password then your encrypted files still can't be decrypted with only your lost / stolen key-files
Can FinalCrypt decrypt across Operating and File Systems ?
Yes FinalCrypt can decrypt across different Operating Systems and File Systems
However, UNIX systems (such as Apple OSX and Linux) mount file-systems at different locations
which causes the directory structure of encrypted files to change, going from one system to another
FinalCrypt then can't find the keys anymore as it expects encrypted file paths to be identical to the key file paths underneeth the Key Directory
Here is an example:
MS Windows initial key path
-GNU/Linux -faulty key path
-GNU/Linux correct key path
Can FinalCrypt encrypt files in a LUKS / Veracrypt volume ?
Yes FinalCrypt (like most applications) has no notion of any underlying disk encryption
FinalCrypt just creates files and writes file-data to any physical or logical file-system
This has been tested on LUKS and VeraCrypt successfully (with different file-systems)
How do I best backup my encrypted files and key files ?
Make sure that at every backup you also backup your key files together with your encrypted files as pairs
Decrypting your files also deletes the correlating key files. When re-encrypting then new keys are created
It is for this reason that re-encrypted files can not be decrypted with previous versions of key files
Backups of encrypted file - key pairs can be quite simple
Just schedule 1 backup that has 2 includes:
Include 1: My Documents (holding your encrypted files)
Include 2: Key Directory (holding your (My Documents) key files)
The backup output (on USB drive) will usually be a directory name with a (backup) date
Every time you backup, a new backup directory with a new date will be added.
Good backup solutions make sure that unchanged files (between the last backup and the current backup) are hard linked before it synchronizes the changes
That way backups only grows when files change, but it only works on file systems that support hard links like NTFS for Windows 10 and all other UNIX file systems
Linux has Back in Time & Apple has Time Machine for hard linked backups, so you only need to find equivalents for Windows
Why do I see so many strange characters in my .bit files ?
Most likely you're using a texteditor like notepad or wordpad to open up a .bit file
Encrypted file data is virtually all random binary data comming from random key data
Text editors don't know what text encoding to use on random data and use default encoding
Modern computers use UTF8 encoding (large variety of international characters and symbols)
Why does "myfile.bit" show unencrypted and encryptable ?
Those are probably keys not having a Message Authentication Code (MAC)
FinalCrypt does not recognise encrypted files by the .bit extension
FinalCrypt looks inside the file to see if it has a Message Authentication Code (MAC)
The MAC consists of 2 x 70 bytes located at the beginning of the data. You can use a hex-editor to see the MAC
The 1st 70 bytes is fixed plain text: "FinalCrypt - One Time Pad File Encryption - Plain Text MAC Version 003"
The 2nd 70 bytes is the encrypted version of the plain text. This is how FinalCrypt authenticates encrypted files
Is there a fast way to find all my key files on my computer ?
Your (Auto Key) key files have identical names of their encrypted files and also have a .bit extension
Doing a search for .bit files would also match all your encrypted files, so how can you tell them apart
FinalCrypt also can't tell if a file is a Key File, without having the encrypted file and the password
But there's a trick that might help by doing the following: (FinalCrypt does not traverse Linked directories)
Download JAVA8 U 221 to the “Downloads“ directory
Download finalcrypt.jar to your “Downloads“ directory.
Open a Files-Manager and go to your “Downloads” directory and Install JAVA8
Start a DOS Shell: (Windows) Open StartMenu and search for "cmd" and open it and type:.
java -cp Downloads\finalcrypt.jar rdj.CLUI --decrypt --test -w "*.bit" -k . -t Documents\
No decryptable targets found
Wrong key / password?
C. Continue test
1. print 51 decrypted files (409,5 MiB)
2. print 51 encryptable files (409,5 MiB)
3. print >.6.3.2 encrypted files (94,0 GiB)
4. print 0 decryptable files (0,0 Bytes)
5. print 0 empty files
6. print 0 symlink files
7. print 0 unreadable files (0,0 Bytes)
8. print 0 unwritable files (0,0 Bytes)
9. print 99 hidden files (12,8 MiB)
10. print 0 unencryptable (0,0 Bytes)
11. print >.6.3.2 undecryptable (94,0 GiB)
12. print 0 key matched files (0,0 Bytes)
13. print 51 key write files (409,5 MiB)
What list would you like to see ? 1
Now print num 1 the decrypted files
Can FinalCrypt's encryption be command-line automated ?
Yes, FinalCrypt has a fully featured command-line interface.
FinalCrypt's command-line interface has even more flexible and powerful features
The command-line interface is called rdj.CLUI and requires you to prepare the following:
Download JAVA8 U 221 to the “Home“ directory.
Download finalcrypt.jar to your “Home“ directory.
Open a Files-Manager and go to your “Home” directory.
Install JAVA8 and open a DOS Prompt "cmd" / shell (UNIX) and type:
java -cp finalcrypt.jar rdj.CLUI
Press [Enter] to read the manual page.
The FinalCrypt graphical user-interface can help you to quickly learn how to use the command-line interface.
As soon as the GUI is ready to en/decrypt a Print Command button appears in the lower right corner.
Clicking the Print Command button shows an example of what a command-line equivalent command looks like.
Click here to read FinalCrypt's command-line manual page
On Apple OSX how do I stop file-manager focus-flashing ?
FinalCrypt 5.6.6 solved the Apple OSX file-manager focus-flashing problem, please update to the latest version and let me know if it happens again
If flashing happens on Apple OSX it can be stopped by clicking the Log Tab followed by clicking the Encrypt Tab again in the upper left corner
FinalCrypt hangs sometimes on Apple OSX. What can I do ?
FinalCrypt 5.6.6 solved the Apple OSX hang problem, please update to the latest version and let me know if it happens again
The previous FinalCrypt GUI could hang sometimes on Apple OSX after encrypting / decrypting, but usually after finishing en/decryption
The FinalCrypt log files "/Users/$USER/.finalcrypt/log/" allow you to check whether FinalCrypt properly finished en/decryption
I recovered a securely deleted file! Is it a Security Flaw ?
No, it's not a security bug or flaw. You might be able to recover deleted files with special file recovery tools (Recuva)
Before FinalCrypt deletes the original file, it writes the encrypted data to the original file (also called Shredding)
If you would recover the Old File and read it with a Hex-Editor (e.g. Free Hex Editor) you would see only encrypted data
Shredding during decryption has a reverse effect, so there is no encrypted data to be found on old recoverable files
Here is an example of an original securely deleted, but recovered file (on the left) and its encrypted counterpart on the right having identical data
Is there a way to compare FinalCrypt logfile checksums ?
Yes, but only for UNIX/Linux as a shell script called: FinalCrypt_Compare_Logs.bash
The way it works is as follows:
You start FinalCrypt and encrypt a set of files and after finishing close FinalCrypt
You again start FinalCrypt and decrypt the same set of files and close FinalCrypt
You can do that in the encrypt - decrypt order or in the decrypt - encrypt order
Then after a full cycle of back and forth encryption you can use the script
You can find the FinalCrypt logfiles in your homedir here: "~/.finalcrypt/log/"
The script checks the function performed in the logfiles you parse on the command line
The log filenames below are just examples, you can use the original log filenames
./FinalCrypt_Compare_Logs.bash [-v] encrypt.log decrypt.log
./FinalCrypt_Compare_Logs.bash [-v] decrypt.log encrypt.log
It can even cross compare all function combinations like:
./FinalCrypt_Compare_Logs.bash [-v] decrypt.log decrypt.log
./FinalCrypt_Compare_Logs.bash [-v] decrypt.log encrypt.log
./FinalCrypt_Compare_Logs.bash [-v] encrypt.log decrypt.log
./FinalCrypt_Compare_Logs.bash [-v] encrypt.log encrypt.log
The script knows which checksums should be identical and print differences
That's how I do massive 100% integrity tests on 90 GiB of test data / files
I forgot my password, is there a way to decrypt my files ?
Maybe you could try the new FinalCrypt v5.6.0 Brute Force Password Dictionary Scan function
It only works from the command line interface, which requires you to prepare the following:
Download a password dictionary file to the Downloads directory
Download JAVA8 U 221 to the “Downloads“ directory.
Download FINALCRYPT JAR to your “Downloads“ directory.
Open a Files-Manager and go to your “Downloads” directory.
Install JAVA8 and extract the Password Dictionary (rename it dictionary.txt)
Open a DOS Prompt "cmd" / shell (UNIX) and type:
java -cp Downloads\finalcrypt.jar rdj.CLUI --scan --password-dictionary "Downloads\dictionary.txt" -k "mykeydir" -t "myfile"
Best is to pick one target file to Brute Force and of course correct "mykeydir" and "myfile" in the above example
FinalCrypt prints 1 second interval progress trying all passwords and stops when it finds your lost / forgotten password
Beware that brute-forcing passwords comes without guarantees. It all depends on how hard your password is to guess
I lost my key files, is there any way to decrypt my files ?
No, sorry, this is why you need to make backups!
Clicking "Logs" doesn't work on Linux! How do I fix this ?
This is a known issue with Ubuntu based Linux distributions
The default file manager nautilus reports a similar error:
(nautilus-autorun-software): WARNING : Unable to find device for URI: Containing mount for file /home/user/.finalcrypt/log not found
To fix the issue open a terminal and type:
xdg-mime default nautilus.desktop inode/directory application/x-gnome-saved-search
Now try clicking "Logs" again in the GUI
Can you tell us a bit about your background ?
My name is Ron de Jong born in 1969 living in Zaandijk (close to Amsterdam) The Netherlands. At 13 I started programming Basic on an Atari 600XL and loved it
At 15 I dropped out of school when my father died and worked in factories, became a soldier, truck driver, bus cleaner, electrician and what not or was unemployed
Later I picked up and finished my Telematics & LAN Management education and worked for 15 years as a UNIX Systems & Software Engineer mostly for large companies
After 2008 things went down hill and in 2012 I lost everything I worked for in life: the house, the car, the furniture and my pension and became shortly homeless
I can't function in bright light, noisy, social and commercial environments. Stress and conflict with colleagues, staff shortage and high workloads ended my jobs
After 2 months we got a flat in a bad neighborhood and I asked for a psychiatric diagnosis to see what's wrong with me and to save my marriage with my Iranian wife
In 2014 I was diagnosed with Autism (Asperger), which explained a lot about my social conflicts and being easily sensory overstimulated. After all we still divorsed
We ended up as best friends and Iranian people have a warm place in my heart! I wanted to do something back for society in an AUTISM FRIENDLY way working from home
Combining my ICT background, my school of life and autistic worldview, I decided to become a Human Rights (OpenSource) Software Developer for the ordinary people
I never felt happier in life having a purpose that matters, contributing society protecting people worldwide from systematic cyber espionage, quietly from home
A special thanks goes out to my beloved and like-minded girlfriend Brigitta, after which the FinalCrypt "bit" extension was named. Casually I call "Brigitta" -> "Brigit"
which sounds like "Bridge It" further abbreviated to "bit". Brigitta is a genius in reproducing a wealth of information and she can also keep information perfectly secret
Like ancient Scandinavian and Irish history describes, Brigitta is my beautiful wise keltic blond and delightful sensual goddes of light, good faith, joyful life and poetry
Why did you become interested in Encryption ?
In my career encryption always played a part, but more as something you'd use, assuming that encryption algorithms were as secure as the authorities claimed
Encryption really became interesting to me when I came to realise that Mass Surveillance was silently and globally implemented starting from the 9/11 attacks
How did you get the idea of developing FinalCrypt ?
After my autism diagnosis I tried to understand my social limitation in an attempt to understand what social behavior really is, but couldn’t find objective answers
Reading the book "On the origin of the human mind" and further philosophizing about Human Evolution regarding Social Behavior I came to some interesting conclusions
Social behavior is about group hunting competences, (teamwork) cooperation & communication, behavioral observation (espionage), planning, deception & attack
These lucrative competences are deeply embedded in our human instinct, allowing us to overthrow opponents and enemies, keeping us on top of the food chain
We humans also use these competences against each other to dominate and exploit, mostly for economic reasons. The pieces of the puzzle then fitted together
Over the years more and more news came out that vulnerabilities of crypto algorithms were deliberately exploited to expand Big Brother espionage on civilians
Thanks to honorable people like Edward Snowden home • Julian Assange wikileaks • Shoshana Zuboff home • Bruce Schneier home • Chelsea (Bradley) Manning home
we now know we can’t trust Big Tech, the national security agencies, the military and governments to respect our human rights and personal privacy
I came to realize that after so many lies standard encryption can't be trusted either. Only One-Time Pad Encryption is irreversible and unbreakable
The public & private sector spy for economic reasons and power. Therefor good One-Time Pad Encryption software had to be developed from the ground up
Disk Encryption can't be trusted because spyware (running in the background) simply scans & reads all your files as soon as you unlock your drive
The only way to prevent file espionage is to constantly block access to all personal files with good unbreakable One-Time Pad Encryption Software
What if terrorists or child abusers abuse FinalCrypt ?
That's a horrible thought, but do we blame BMW when someone kills another person with a BMW ? Should we then disallow everyone from driving a BMW ?
FinalCrypt isn't build for people to harm others! It's also build for governments and industries, so their secrets can't be stolen by other nations
If FinalCrypt is used to harm others, then these people should be brought to justice and lawfully force them to surrender their keys and passwords
Terrorists are also created by military aggression, putting dictators in power for cheap oil contracts, allowing bad regimes to torture their people
FinalCrypt serves a greater purpose. Capitalism causes far greater suffering and death toll, where the upper class suppresses and exploit the lower class
Where capitalists financially influence politics by negotiatiating to limit the legal rights of the working class in order to maximize profits
Governments and employers spy on civilians mostly for economic reasons, demanding full transparency, but refuse to be transparent them selves
If one group has the advantage of operating in secrecy over another group (without equal rights) then dominance and exploitation will happen
Peace can only happen when the right to privacy is equally devided, so everyone is transparant or no one is and not just the working class
When nations can't measure each other's strengths and weaknesses (due to mutual secrecy), then respecting each other is the only option
If rulers demand transparency of the masses, but refuse to be transparent them selves then the masses should protect their privacy
The ultimate goal shouldn't be profit optimisation, but suffering minimisation and therefor defend against exploitation