15-Minute Reviews :: BladeBox eXtreme Personal Edition v4.0.1.44

Rate This Article!

Discuss This!

Head over to the forums

Add This!

AddThis Social Bookmark Button

Hello all and welcome to another 15-Minute Review! Today’s review is on BladeBox eXtreme Personal Edition version 4.0.1.44 by Liveye – An application to create encrypted virtual drives for secure storage of files.

Software Description

As Giveaway of the Day states:

“Liveye BladeBox eXtreme is the encrypted virtual disk solution that allows you to protect your data by applying sophisticated encryption techniques on-the-fly.

BladeBox uses the well-known and ultra-secure AES (Advanced Encryption Standard), this symmetric encryption algorithm is currently believed to be the highest security standard, and it guarantees an excellent level of security and privacy. So, restricted information or data are protected against every unauthorized access. Even the use of low-level recovery software can do nothing to recover data stored inside BladeBox virtual disks.

Furthermore, BladeBox eXtreme features some advanced and intelligent techniques like dynamic size of container-files, the ability to completely hide container-files and a true application firewall that lets you decide which programs should be able to access your sensitive data.”

Quick Pros

  • Interface and setup wizard is pretty handy
  • Dynamically-sized files handy to not lock up your space on your drives
  • HideBlade does truly hide the container from Explorer and command prompt
  • Honeypot functionality a great idea
  • Speed is mediocre but acceptable (Took 1 minute 13 seconds to copy 196MB into virtual drive)

Quick Cons

  • HideBlade, AppBlade and HoneyPot are all great features, but have security flaws
  • AppBlade doesn’t seem to actually function
  • Application really needs to be protected from key loggers and screen recorders
  • System tray icon during usage could be a security risk to deniability

Expansion

While most people don’t think they have a use for an encrypted drive on your computer, ultimately, anyone who puts any sensitive information of any nature on your computer likely should have some form of encryption available; It is yet another level of protection from data theft, especially physical data theft (Either on-site or system theft leading to off-site theft).

When you start the application for the first time, you get asked if you’d like to set up the basic settings (As basic as choosing Start with Windows and a hotkey for unmounting all drives quickly). From here, you get asked if you would like to start the wizard for your first drive setup. When you do begin setting up your first encrypted drive, you get all the steps in an organized layout which explains much (but not all) of the information you may need to set up an encrypted drive (Should have offered access to the helpfile from within the Wizard and take you to the correct location).

There are a lot of settings here, including some features with a great concept in mind. The first one that struck me was the capability of a dynamically-sized drive. Essentially, the drive uses only the container space that is needed and doesn’t pre-allocate an amount of your drive for this; This is handy if you just don’t want to chew up a portion of your hard drive space beforehand. With that in mind, this could be a performance issue here as well, if the container stored on your physical drive becomes fragmented, you could experience some performance decline as well.

The second feature here is HideBlade, which essentially hides the container file from prying eyes in Windows Explorer as well as through command prompt; I didn’t have a lot of time to go hunting for the file with other tools, but likely possible to still detect it, with the file still being based in the filesystem. The biggest flat with HideBlade is even with it on, the application’s main window still shows the exact path to the file, making someone who is looking for the file to offload for later extraction easier and does not hide the container’s existence. What might be more useful is after a container is hidden, that it does not appear on the list and that you must enter its password to mount it and alter it through a generic password entry window. This could help with deniability as well; Have a ‘visible’ drive to cover up the presense of other drives (another form of honeypot).

The third feature is AppBlade, which is supposed to restrict files inside of the virtual drive from being launched from any applications except those on the white list you designate. The problem is, is that I tried this and it did not work; I still could view the files with any application I wanted, even though I denoted only one application. I would normally hope that even Explorer could not read the file, but the issue here is that it does not function as intended for me. Basically however, what is to prevent someone copying the file(s) off the drive and just accessing them that way? Even if you could restrict Explorer access to the drive, what is to prevent someone from using the ‘Open’ dialog box on the white-list applications from copying the files in the dialog box’s Explorer window?

The third feature is Honeypot. This in itself is a potential life-saver because it offers you the ability to ‘give up’ a different password which you can store other non-critical information, hoping that this does not compromise your container’s true contents. The problem with this feature, is that with it easily visible in the setup of a new drive as well as in the helpfile, there is a good chance that whomever may be forcing you to give up the password could be quite aware of the honeypot password already; Just by the application acknowledging its existence in the helpfiles and in setting up a new drive so visibly could compromise this level of protection. What should help protect this further is only allow one honeypot, and upon its creation all options for it disappear so that someone researching the application before pressing you may have a better chance of not finding out about the honeypot. One other flaw with this is that there is the potential for someone to attempt to match the honeypot file sizes to the actual container filesize and realize that the container is significantly larger than the files in the honeypot, which may make the dynamic functionality above a security risk in itself.

During testing, I copied 196MB of pictures into the virtual drive. It took 1 minute and 13 seconds to copy into the folder; Significantly longer than a standard copy may take, but it is not so unbearable that you can’t handle it. I likely wouldn’t want to work on large files straight from the virtual drive, such as larger graphic files, databases and so forth, but for general usage it wouldn’t be too bad.

A few other notes I should comment on. This application, being a security application, should likely have a virtual keyboard at minimum to reduce the risk of a keylogger waiting for you to give up your password. While I didn’t test it, I would assume that there is the chance of a screen monitoring application recording the total number of keypresses or even watch the virtual keyboard if one does arise. There should be more protection in my opinion, from more advanced prying techniques.

Final Verdict

While the concept of this application is great and is easy to use, its implementation of some of its advanced features seem either broken or flawed in concept and implementation. For free, if you just need an extra layer of protection from common thieves (hardware theft, etc.) this may be a great application, and may even help in other instances; If you’re looking for more stable protection, you may want to look at some other options. As for paying $50.00 for this title, I couldn’t bring myself to paying this much for this title, mainly because of the flaws with the protection; For $50, I would rather see a little more process in securing from the prying eyes.

Posted by BladedThoth on Tuesday, August 28, 2007