5 'Great' Open-source Desktop Security Applications

At $0.00 what are you going to lose?

Contributions from free and open software makers can be found throughout the tech world. From your datacenter to the desktop and everywhere in between; there's an open solution to your computing needs. This is no less true in information security. My focus in this article is the several outstanding information security desktop tools that personify the innovation and ingenuity of the FOSS (Free and Open Source Software) world. Please keep in mind that all of these applications (except one) are cross-platform so you can find appropriate versions on whatever you run (BSD, Mac OSX, Linux or Windows). The examples herein, however, will be catered to the largest install base (statistically): Microsoft Windows.

GnuPG & Gpg4win

GNU Privacy is a free software encryption application that is a product of the Free Software Foundation's GNU Software project. GnuPG provides a complete free software implementation of the OpenPGP standard RFC4880, making it interoperable with other OpenPGP complaint systems. Out of the box GnuPG provides a command line interface (CLI) with numerous optional graphical add-ons available for nearly all platforms. On Windows, there is Gpg4win, which is a unified set of graphical tools on top of GnuPG (command-line based). Featured packed, it offers all the options of GnuPG plus integration into Explorer for file encryption, a certificate manager application, a plug-in for Microsoft Outlook, and even a full-blown version of Clawsmail with the plug-in for GnuPG installed.

ClamAV & ClamWin

ClamWin is a lightweight and simple open source software anti-virus program for Windows. It features automatic updates, a schedule scanner, integration into context menu of Windows Explorer and even a Microsoft Outlook add-on. ClamWin is based on the ClamAV engine, which is an open source anti-virus package catered to e-mail gateways on Unix/Linux. This scanner is very light on systems resources and can be run in conjunction with other malware detection suites, as I often do. No anti-malware suite is perfect but this light and stable protection helps in a world of ever present and evolving malware.

KeePass

KeePass is an open source, secure password management utility. It replaces those uber-secure sticky notes littered with passwords that you have around your monitor (let's hope you don't) with a simple yet sound application to securely store them. Unlike those sticky notes, passwords are AES or Two-fish encrypted in a database file. Keepass is feature rich with the ability to import and export, auto type, drag and drop support, a password generator and numerous add-ons to further extend its functionality.

PeaZip

PeaZip is a sleek open source file and archive manager that supports a wide array of compression and encryption standards. It provides many helpful security features such as two-factor authentication, secure deletion, checksum and hash verification and WinZip's, PKZip's and 7's AES256 encryption, to name a few. PeaZip is a simple, sleek feature packed archive manager I recommend for any desktop.

Eraser

As we all know the delete key is hardly effective or secure. Data retention is a very real concern for the security minded. Eraser is a Windows only secure data removal tool that supports a myriad of secure removal methods such as Guttman, US DoD 5220.22.M and Schneirer. With Eraser, you can erase individual files or folders, unused disk space, or the contents of the recycling bin with a simple point-and-click interface. Integration into the context menu of Windows Explorer allows for easy access to this powerful tool with a quick right click. It's highly configurable scheduler helps keep you secure by automating this process for you. The one weakness of this application is that it's only available for Windows, but hopefully ports to Linux, Mac OS X, Unix and BSD will be forthcoming.

I hope you will take time to try these applications for yourself. Don't take my word for it, try them yourself. At $0.00 what are you going to lose? If you do find them useful, please consider paying it forward with a donation or other contribution to the projects.

Joseph Guarino is the owner and senior consultant at EvolutionaryIT and is based in Boston.

Tags: open source, security
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Sophos Mobile Control

Data protection, policy compliance and device control for mobile devices

more »

Submit your own security event

Submit your training courses

Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.

Read More
more »