From Newsgroup: uk.comp.sys.mac

Hi:

IrCOm looking for an encryption program with the following (rather specific) requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing several GB of stuff, I donrCOt need to backup the whole shebang every time I modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when IrCOve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I canrCOt use, for complicated reasons).

Thanks in advance.

Martin S Taylor


--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 26/02/2026 16:42, Martin S Taylor wrote:

Hi:

IrCOm looking for an encryption program with the following (rather specific) requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing several GB of stuff, I donrCOt need to backup the whole shebang every time I modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when IrCOve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I canrCOt use, for complicated reasons).

Thanks in advance.

Martin S Taylor

You could use encrypted disk images, one per file.

To make life a little easier, Automator has a "New disk image" action
with an "encrypt" tick box, an option to make the image just big enough
to hold the original and an option to create the image file in the same directory as the original. So that makes it amenable to building into a script/droplet where you drag and drop the target file onto it and out
pops a .dmg

Regards,
--
Bruce Horrocks
Hampshire, England
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 26 Feb 2026, Bruce wrote
(in article<485acdd0-6220-4a80-a8ab-4e6dc36dcaa0@scorecrow.com>):

On 26/02/2026 16:42, Martin S Taylor wrote:

Hi:

IrCOm looking for an encryption program with the following (rather specific) requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing several GB of stuff, I donrCOt need to backup the whole shebang every time I modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when IrCOve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I canrCOt use, for complicated reasons).

Thanks in advance.

Martin S Taylor

You could use encrypted disk images, one per file.

To make life a little easier, Automator has a "New disk image" action
with an "encrypt" tick box, an option to make the image just big enough
to hold the original and an option to create the image file in the same directory as the original. So that makes it amenable to building into a script/droplet where you drag and drop the target file onto it and out
pops a .dmg

Yes, but an awful faff, considering there are hundreds of files I need to encrypt, and IrCOd have to decrypt them individually to look at them. Also this fails my requirement number 5.

I suppose what IrCOm really looking for is another program like Cryptomator, but which isnrCOt Cryptomator.

MST

--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 26 Feb 2026 at 16:42:16 GMT, "Martin S Taylor" <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

IrCOm looking for an encryption program with the following (rather specific) requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing several GB of stuff, I donrCOt need to backup the whole shebang every time I modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when IrCOve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I canrCOt use, for complicated reasons).

Keka? Uses 7z to encrypt using AES-256.

<https://github.com/aonez/Keka/wiki/Compressing-with-Keka#keka-compression-formats>
--
Cheers, Alan
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

Martin S Taylor <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

IrCOm looking for an encryption program with the following (rather
specific) requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing several GB of stuff, I donrCOt need to backup the whole shebang every time
I modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when IrCOve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if
necessary.

6. Not Cryptomator (which does all the above, but which I canrCOt use, for complicated reasons).

You could write a simple one in Applescript. It obviously wouldn't be
terribly secure but if everyone did this in their own individual way,
the amount of effort a snooper would have to be put into decoding each
one would not be worth the amount of data discovered.
--
~ Liz Tuddenham ~
(Remove the ".invalid"s and add ".co.uk" to reply)
www.poppyrecords.co.uk
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

Martin S Taylor <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

I'm looking for an encryption program with the following (rather specific) requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing several GB of stuff, I don't need to backup the whole shebang every time I modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when I've finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if
necessary.

6. Not Cryptomator (which does all the above, but which I can't use, for complicated reasons).

Thanks in advance.

I'm afraid that I don't see what benefits you expect
that turning on Filevault won't get you automatically and transparently,

Jan

--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 27 Feb 2026 at 9:55:48rC>am GMT, "J. J. Lodder" <J. J. Lodder> wrote:

Martin S Taylor <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

I'm looking for an encryption program with the following (rather specific) >> requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing >> several GB of stuff, I don't need to backup the whole shebang every time I >> modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer,
which I then have to securely delete when I've finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if
necessary.

6. Not Cryptomator (which does all the above, but which I can't use, for
complicated reasons).

Thanks in advance.

I'm afraid that I don't see what benefits you expect
that turning on Filevault won't get you automatically and transparently,

It wouldn't satisfy point 1, I believe.
--
TimH
pull tooth to reply by email
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

Liz Tuddenham <liz@poppyrecords.invalid.invalid> wrote:

Martin S Taylor <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

I|orCo-Om looking for an encryption program with the following (rather specific) requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing several GB of stuff, I don|orCo-Ot need to backup the whole shebang every time
I modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when I|orCo-Ove finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I can|orCo-Ot use, for
complicated reasons).

You could write a simple one in Applescript. It obviously wouldn't be terribly secure but if everyone did this in their own individual way,
the amount of effort a snooper would have to be put into decoding each
one would not be worth the amount of data discovered.

The whole idea of file encryption is inherently a bad idea,
because no recovery is possible when things get corrupted.
Back-ups may be corrupted too, without that being noticeable.

Apple had the right idea, which is encryption at block level
instead of file level.
(starting with FileVault 2, from OS X 10.7 Lion onwards
replacing the disk image approach of Filevault 1 from OSX 10.3)

This leaves all standard recovery tools available,

Jan
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 26 Feb 2026 at 16:42:16 GMT, "Martin S Taylor" <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

IrCOm looking for an encryption program with the following (rather specific) requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing several GB of stuff, I donrCOt need to backup the whole shebang every time I modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when IrCOve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I canrCOt use, for complicated reasons).

Thanks in advance.

Martin S Taylor

I wrote a program called Cryptograf, which does exactly that. Offers a selection of encryption algorithms, including AES, TEAB, Blowfish and
Skipjack. Can open files containing pictures or plain text without decrypting the file on disk, and is generally very useful. Alas Apple killed it, as it's
a Carbon app, and won't run under any system later than Mojave.

Is file-level encryption even possible on modern machines, since there's no
way to overwrite a file on an SSD?

Phil Taylor
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

TimH <thnews@poboxmolar.com.invalid> wrote:

On 27 Feb 2026 at 9:55:48?am GMT, "J. J. Lodder" <J. J. Lodder> wrote:

Martin S Taylor <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

I'm looking for an encryption program with the following (rather specific) >> requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing >> several GB of stuff, I don't need to backup the whole shebang every time I >> modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, >> which I then have to securely delete when I've finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if
necessary.

6. Not Cryptomator (which does all the above, but which I can't use, for >> complicated reasons).

Thanks in advance.

I'm afraid that I don't see what benefits you expect
that turning on Filevault won't get you automatically and transparently,

It wouldn't satisfy point 1, I believe.

Of course it doesn't, that's where it all goes wrong.
Encrypting at the file level is a bad idea to begin with,
now that there is a better alternative,

Jan

--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 27.02.26 10:20, Alan B wrote:

On 26 Feb 2026 at 16:42:16 GMT, "Martin S Taylor" <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

IrCOm looking for an encryption program with the following (rather specific) >> requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing >> several GB of stuff, I donrCOt need to backup the whole shebang every time I >> modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer,
which I then have to securely delete when IrCOve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary. >>
6. Not Cryptomator (which does all the above, but which I canrCOt use, for >> complicated reasons).

Keka? Uses 7z to encrypt using AES-256.

<https://github.com/aonez/Keka/wiki/Compressing-with-Keka#keka-compression-formats>

I'm certainly not the heavy user of compression and encryption utilities
but I use Keka for a couple of years. And similarly to you I love the possibility to encrypt and compress with 7z which I used for at least 2 decades.
--
"Roma locuta, causa finita" (Augustinus)
--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

J%rg Lorenz <hugybear@gmx.net> wrote:

On 27.02.26 10:20, Alan B wrote:

On 26 Feb 2026 at 16:42:16 GMT, "Martin S Taylor"
<hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

I?m looking for an encryption program with the following (rather specific) >>> requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing >>> several GB of stuff, I don?t need to backup the whole shebang every time I >>> modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, >>> which I then have to securely delete when I?ve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I can?t use, for >>> complicated reasons).

Keka? Uses 7z to encrypt using AES-256.

<https://github.com/aonez/Keka/wiki/Compressing-with-Keka#keka-compression-formats>

I'm certainly not the heavy user of compression and encryption utilities
but I use Keka for a couple of years. And similarly to you I love the possibility to encrypt and compress with 7z which I used for at least 2 decades.

Using Keka surely beats using a rather complex 7z command line in the
Terminal app ;-)
--
Cheers, Alan
--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

Alan B <alanrichardbarker@gmail.com.invalid> wrote:

On 26 Feb 2026 at 16:42:16 GMT, "Martin S Taylor" <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

I'm looking for an encryption program with the following (rather specific) requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing several GB of stuff, I don't need to backup the whole shebang every time I modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when I've finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I can't use, for complicated reasons).

Keka? Uses 7z to encrypt using AES-256.

<https://github.com/aonez/Keka/wiki/Compressing-with-Keka#keka-compression-for

mats>

And for Martin: Keka has automatic format detection with drag and drop.
If you put (an alias of) it on the desktop drag and dropping
will decrypt archives and compress files and folders, [1]

Jan

[1] But it may fail on renamed .zip formats such as .epub or .cbr
--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 28 Feb 2026 at 10:57:46 GMT, "J. J. Lodder" <J. J. Lodder> wrote:

Alan B <alanrichardbarker@gmail.com.invalid> wrote:

On 26 Feb 2026 at 16:42:16 GMT, "Martin S Taylor"
<hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

I'm looking for an encryption program with the following (rather specific) >>> requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing >>> several GB of stuff, I don't need to backup the whole shebang every time I >>> modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, >>> which I then have to securely delete when I've finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I can't use, for >>> complicated reasons).

Keka? Uses 7z to encrypt using AES-256.

<https://github.com/aonez/Keka/wiki/Compressing-with-Keka#keka-compression-formats>

And for Martin: Keka has automatic format detection with drag and drop.
If you put (an alias of) it on the desktop drag and dropping
will decrypt archives and compress files and folders,

I'm not sure why the -r switch does not work as expected with 7z on the
command line. So I always "tar" the directory I want to compress before using 7z,.

# Backup (no encryption example):

tar cf - directory | 7za a -si directory.tar.7z

# Restore:

7za x -so directory.tar.7z | tar xf -
--
Cheers, Alan
--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 28 Feb 2026, Bruce wrote
(in article<433c2cd2-2850-403f-bfc3-60f86eec4036@scorecrow.com>):

On 27/02/2026 08:55, Martin S Taylor wrote:

On 26 Feb 2026, Bruce wrote
(in article<485acdd0-6220-4a80-a8ab-4e6dc36dcaa0@scorecrow.com>):

On 26/02/2026 16:42, Martin S Taylor wrote:

Hi:

IrCOm looking for an encryption program with the following (rather specific) requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing several GB of stuff, I donrCOt need to backup the whole shebang every time I modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when IrCOve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I canrCOt use, for complicated reasons).

Thanks in advance.

Martin S Taylor

You could use encrypted disk images, one per file.

To make life a little easier, Automator has a "New disk image" action with an "encrypt" tick box, an option to make the image just big enough to hold the original and an option to create the image file in the same directory as the original. So that makes it amenable to building into a script/droplet where you drag and drop the target file onto it and out pops a .dmg

Yes, but an awful faff, considering there are hundreds of files I need to encrypt, and IrCOd have to decrypt them individually to look at them. Also this fails my requirement number 5.

I thought that you *wanted* to be able to encrypt/decrypt files
individually, potentially using a different password for each.

If you don't - i.e. you're happy to use one password for multiple files
- then just use an encrypted sparsebundle.

This would be the perfect solution if there was a way to make it satisfy point 5. Is there? Can I create some sparsebundle using a program which isnrCOt built in?

MST

--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 27 Feb 2026, Alan B wrote
(in article<10nrnku$2cqfp$1@alphabravo.eternal-september.org>):

On 26 Feb 2026 at 16:42:16 GMT, "Martin S Taylor" <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

IrCOm looking for an encryption program with the following (rather specific)
requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing several GB of stuff, I donrCOt need to backup the whole shebang every time I
modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when IrCOve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I canrCOt use, for complicated reasons).

Keka? Uses 7z to encrypt using AES-256.

I looked at Keka, but I canrCOt see how to make it satisfy both 1 and 2.

Perhaps I havenrCOt made point 1 clear enough. I want to have a repository of many small files, which are not readable unless I have program X. When I run program X, I can type in one password and this grants access to all my files. If I modify one of the files, my backup program will only make a correspondingly small change to the backup, and not backup the entire encrypted repository.

Cryptomator will do this. I can also do this by making an encrypted .sparsebundle containing all the small files. But Cryptomator doesnrCOt satisfy point 6, and sparsebundle doesnrCOt satisfy 5.

Since my original post IrCOve found CryFS, which comes close but has to be installed using HomeBrew, so is a faff to delete when I need to (point 5).

MST

--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 01/03/2026 10:35, Martin S Taylor wrote:

On 28 Feb 2026, Bruce wrote
(in article<433c2cd2-2850-403f-bfc3-60f86eec4036@scorecrow.com>):

On 27/02/2026 08:55, Martin S Taylor wrote:

On 26 Feb 2026, Bruce wrote
(in article<485acdd0-6220-4a80-a8ab-4e6dc36dcaa0@scorecrow.com>):

On 26/02/2026 16:42, Martin S Taylor wrote:

Hi:

IrCOm looking for an encryption program with the following (rather specific) requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing several GB of stuff, I donrCOt need to backup the whole shebang every time I modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when IrCOve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I canrCOt use, for complicated reasons).

Thanks in advance.

Martin S Taylor

You could use encrypted disk images, one per file.

To make life a little easier, Automator has a "New disk image" action
with an "encrypt" tick box, an option to make the image just big enough >>>> to hold the original and an option to create the image file in the same >>>> directory as the original. So that makes it amenable to building into a >>>> script/droplet where you drag and drop the target file onto it and out >>>> pops a .dmg

Yes, but an awful faff, considering there are hundreds of files I need to encrypt, and IrCOd have to decrypt them individually to look at them. Also this fails my requirement number 5.

I thought that you *wanted* to be able to encrypt/decrypt files
individually, potentially using a different password for each.

If you don't - i.e. you're happy to use one password for multiple files
- then just use an encrypted sparsebundle.

This would be the perfect solution if there was a way to make it satisfy point 5. Is there? Can I create some sparsebundle using a program which isnrCOt built in?

MST

The ability to create a sparseebundle is a built-in feature of Macos.
There's nothing to install and nothing to delete.

I'm not aware of an alternative encryption app that can create
sparesebundles - or an equivalent - that meets your backup requirement 1.

If you can explain a bit more about why you want it to be an app that
can be deleted then we might be able to offer a solution.

Regards,
--
Bruce Horrocks
Hampshire, England
--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 01/03/2026 10:49, Martin S Taylor wrote:

On 27 Feb 2026, Alan B wrote
(in article<10nrnku$2cqfp$1@alphabravo.eternal-september.org>):

On 26 Feb 2026 at 16:42:16 GMT, "Martin S Taylor"
<hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

IrCOm looking for an encryption program with the following (rather specific)
requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing >>> several GB of stuff, I donrCOt need to backup the whole shebang every time I
modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, >>> which I then have to securely delete when IrCOve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I canrCOt use, for >>> complicated reasons).

Keka? Uses 7z to encrypt using AES-256.

I looked at Keka, but I canrCOt see how to make it satisfy both 1 and 2.

Perhaps I havenrCOt made point 1 clear enough. I want to have a repository of many small files, which are not readable unless I have program X. When I run program X, I can type in one password and this grants access to all my files. If I modify one of the files, my backup program will only make a correspondingly small change to the backup, and not backup the entire encrypted repository.

But what point does no 5 play in this? Sure, if you had installed Keka
then you could also delete it. But if it were reinstalled the encrypted
files would become accessible again - because it is the encryption
password that matters, not the program that did the encryption.

Cryptomator will do this. I can also do this by making an encrypted .sparsebundle containing all the small files. But Cryptomator doesnrCOt satisfy point 6, and sparsebundle doesnrCOt satisfy 5.

Since my original post IrCOve found CryFS, which comes close but has to be installed using HomeBrew, so is a faff to delete when I need to (point 5).

MST

--
Bruce Horrocks
Hampshire, England
--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

Martin S Taylor <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

On 27 Feb 2026, Alan B wrote
(in article<10nrnku$2cqfp$1@alphabravo.eternal-september.org>):

On 26 Feb 2026 at 16:42:16 GMT, "Martin S Taylor" <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

I'm looking for an encryption program with the following (rather specific)
requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing
several GB of stuff, I don't need to backup the whole shebang every time I
modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when I've finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if
necessary.

6. Not Cryptomator (which does all the above, but which I can't use, for complicated reasons).

Keka? Uses 7z to encrypt using AES-256.

I looked at Keka, but I can't see how to make it satisfy both 1 and 2.

But Keka does satisfy your point 1.
You can set it to compress individual files (or folders)
as separate items. [1]

As for 2, you would seem to be a bit paranoid here.
It is easily met however by deleting or overwriting
-the contents- of the old version of the file,
and saving the empty contents, before deleting it.
That way there will not be anything to recover,
even if deleted non-securely.

Jan

[1] But Keka may have problems with compressing really huge numbers of
(small) files or folders, that is thousands of files at one go,
even if you set it to compress them one file at a time.
Once done, the problem no longer exists.


--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 1 Mar 2026, Martin S Taylor wrote
(in article<0001HW.2F54514600320A0330706238F@news.eternal-september.org>):

On 27 Feb 2026, Alan B wrote
(in article<10nrnku$2cqfp$1@alphabravo.eternal-september.org>):

On 26 Feb 2026 at 16:42:16 GMT, "Martin S Taylor" <hogwash@mRaErMtOiVnEstaylor.TcHoImS> wrote:

Hi:

IrCOm looking for an encryption program with the following (rather specific)
requirements. Can anyone help?

1. Encrypts at the file level, so that although I have a folder containing
several GB of stuff, I donrCOt need to backup the whole shebang every time
I
modify one tiny file.

2. I can modify a file without making an unencrypted copy on my computer, which I then have to securely delete when IrCOve finished with it.

3. Opensource

4. Inexpensive

5. A standalone program, which I can delete from my hard drive if necessary.

6. Not Cryptomator (which does all the above, but which I canrCOt use, for
complicated reasons).

Keka? Uses 7z to encrypt using AES-256.

I looked at Keka, but I canrCOt see how to make it satisfy both 1 and 2.

Perhaps I havenrCOt made point 1 clear enough. I want to have a repository of many small files, which are not readable unless I have program X. When I run program X, I can type in one password and this grants access to all my files. If I modify one of the files, my backup program will only make a correspondingly small change to the backup, and not backup the entire encrypted repository.

Cryptomator will do this. I can also do this by making an encrypted .sparsebundle containing all the small files. But Cryptomator doesnrCOt satisfy point 6, and sparsebundle doesnrCOt satisfy 5.

Since my original post IrCOve found CryFS, which comes close but has to be installed using HomeBrew, so is a faff to delete when I need to (point 5).

MST

Am no expert, but I found this: PicoCrypt <https://github.com/Picocrypt/Picocrypt?tab=readme-ov-file>
...with a bit of description here... <https://davescomputertips.com/picocrypt-a-simple-powerful-encryption-tool/>

It seems to do what you want in that it will handle individual file
encryption as well as volume encryption. It has a macOS application that
could just be deleted again. Seems ok?

Ian


--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 1 Mar 2026, Ian McCall wrote
(in article<0001HW.2F54D8BA013BEACF305FDA38F@news.individual.net>):

Am no expert, but I found this: PicoCrypt <https://github.com/Picocrypt/Picocrypt?tab=readme-ov-file>
...with a bit of description here... <https://davescomputertips.com/picocrypt-a-simple-powerful-encryption-tool/>

It seems to do what you want in that it will handle individual file encryption as well as volume encryption. It has a macOS application that could just be deleted again. Seems ok?

Yes, all good except that it wonrCOt open. "rCLPicocryptrCY is damaged and canrCOt be opened. You should move it to the Bin.rCY

Could this be what the developer is warning about when he writes:

Warning: Picocrypt will cease to work on macOS in the future because Apple doesn't care about backwards compatibility. Once OpenGL is removed and/or GLFW compatibility is broken, Picocrypt will no longer work and it will be very difficult to fix. If you're a macOS user, you're probably better off using the CLI or Web version instead. Maybe also consider using an OS that actually somewhat cares about its developers and users...

MST

--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 2 Mar 2026, Martin S Taylor wrote
(in article<0001HW.2F558FD600628AF730E11E38F@news.eternal-september.org>):

Am no expert, but I found this: PicoCrypt <https://github.com/Picocrypt/Picocrypt?tab=readme-ov-file>
...with a bit of description here... <https://davescomputertips.com/picocrypt-a-simple-powerful-encryption-tool/>

It seems to do what you want in that it will handle individual file encryption as well as volume encryption. It has a macOS application that could just be deleted again. Seems ok?

Yes, all good except that it wonrCOt open. "rCLPicocryptrCY is damaged and canrCOt be opened. You should move it to the Bin.rCY

I found Picocrypt-NG, a new version (albeit not endorsed by the original programmer). This works after a bit of messing about with xattr. But it fails requirement 2 on my list, and probably requirement 1 as well.

But thanks for the thought!

MST

--- Synchronet 3.21d-Linux NewsLink 1.2