PA 22.00.09
Some labels in the help toolbar are not translated:
b3c1f5c4-b73d-49d8-9ed0-56294840838c-image.png
PA 22.00.09 shows a nag screen, when I try to open some setting windows. I have already PA 2023 Toolbox and PA shows, that it’s licensed in the info dialog.
a860bd81-3e71-4ce0-9988-74cd4189d43e-image.png
0836bc83-8046-4a91-bc7b-68bd231100a3-image.png
I’m looking forward to deploying PowerArchiver 2023 to my users. Can you tell us when the MSI will be available for download and distribution?
Thanks.
Just tried using the Modern (Windows 10) Icon set and seeing a few missing icons in both PowerArchiver Burner and PowerArchiver Encryption screens . They are all there in the Minimalistik icon set and the only difference I can see is the former is blue and the latter grey. In version 22.00.9
powerarc_2023-09-18_17-00-19.png
powerarc_2023-09-18_17-01-05.png
Hi there,
there were some security issues fixed in 7zip:
https://www.zerodayinitiative.com/advisories/ZDI-23-1165/
https://www.zerodayinitiative.com/advisories/ZDI-23-1164/
As it seems, that PowerArchiver and PACL use the 7zip libraries, could you please update them to the latest version?
Hi,
From where I get PAVD2023.EXE? PowerArchiver 2023 tries to open it.
But it seems, it tries to download PAVD2021.EXE.
Thanks
I noticed that the version of ZPAQ used is older than the latest released 7.15 https://mattmahoney.net/dc/zpaq.html also there seems to be a newer fork that adds several features https://github.com/fcorbelli/zpaqfranz
It would be useful to implement this latest version (it also maintains the same syntax and behavior as the latest official release if used the -715 flag) and add when opening a zpaq file a choice of the version of the files to show (e.g. as dummy folders represented the various versions present). Since any previous changes are stored with this format, it is possible to extract a snapshot of a certain date/version.
If I open a password-protected zipper file (created with WinRAR but I think that’s irrelevant), open it with PowerArchiver and run “Remove Encryption” on the same file, then reopen it and add a password with “Encrypt Archive,” the resulting archive will be protected with the old ZipCrypto algorithm and not AES as indicated.
(this can be verified, for example, by trying to open the archive files with Windows Explorer, which does not support the AES algorithm)
PA 21.00.18 running on Windows 7 64 bit.
I made a big .PA file and thought I’d check it was made correctly with Menu / Actions / Test.
Discovered:
a) PA always issues a UAC prompt to do this!
b) PA always says there are many errors in PA files.
Security
-
Good day,
I just stumbled across this story about the use of brute force techniques to crack passwords.
What hash algorithm do the encrypted forms of zip, 7z, and Rar use? Knowing this may make helps users decide which format is most secure.
I gather, too, that you intentionally slow down the unencryption of PAE2 files to avoid brute force attacks. Correct?
Having some of this info can guide future decisions about which file types to use for delicate data.
-
yes, both pae and pae2 are much slower to brute-force due to design… i know sometimes people complain having to wait for whole archive to be decrypted before “wrong password” is shown but it works well in this case.
Both 7zip and ZIP AES encryption use sha256 hashes. Together with proper length not dictionary based passwords, it is still extremely hard/slow to brute force.
Of course, lets put this straight - article talks about linkedin using sha1 but of course as article mentions, this is completely unusable against real world online services where it is not possible to guess password more than few times, let alone 100 billion times per second.
-
PAE2 also use a sha256 hash?
-
pae/pae2 require full decryption of the file first, so basically they use aes 256bit. they can not quickly check hash to see if guessed password is correct.
