Encrypted Messaging, The Puppy Way? [SOLVED]

[williams2]

rot13 was intended as an example of what you should never do.

Here is a version of rot13 written in perl. Perl is rather obfuscated by default.

Code: Select all

# echo 'The quick brown fox' | perl -pe 'tr/A-Za-z/N-ZA-Mn-za-m/'
Gur dhvpx oebja sbk

# echo 'Gur dhvpx oebja sbk' | perl -pe 'tr/A-Za-z/N-ZA-Mn-za-m/'
The quick brown fox
#

This would encrypt/decrypt the text in a file, results printed on the terminal:

Code: Select all

cat file.in | perl -pe 'tr/A-Za-z/N-ZA-Mn-za-m/'

This would encrypt/decrypt a file, results printed to a file:

Code: Select all

cat file.in | perl -pe 'tr/A-Za-z/N-ZA-Mn-za-m/' > file.out

One way to obfuscate a script is to put it in a compiled executable. You can search the internet for "obfuscate shell script"

http://rosettacode.org/wiki/ROT13

[JASpup]

The demand for this project is to display a message on-screen that never exists as a deciphered file.

It's easy to password protect any document in an archive, but the extracted document need never be sitting around on storage media.

'Course it's also easy to capture anything, but when that's not deliberate, it's less likely to happen.

Let's scrap ROT13 for OpenSSL. It looks like -a adds a password for interactive use.

Should I write a bash script that runs cat after the password?

instead of:

Code: Select all

$ openssl enc -aes-256-cbc -d -a -in file.txt.enc -out file.txt

deciphered to screen?:

Code: Select all

$ openssl enc -aes-256-cbc -d -a -in file.txt.enc | cat

rot13 was intended as an example of what you should never do.

Here is a version of rot13 written in perl. Perl is rather obfuscated by default.

Code: Select all

# echo 'The quick brown fox' | perl -pe 'tr/A-Za-z/N-ZA-Mn-za-m/'
Gur dhvpx oebja sbk

# echo 'Gur dhvpx oebja sbk' | perl -pe 'tr/A-Za-z/N-ZA-Mn-za-m/'
The quick brown fox
#

This would encrypt/decrypt the text in a file, results printed on the terminal:

Code: Select all

cat file.in | perl -pe 'tr/A-Za-z/N-ZA-Mn-za-m/'

This would encrypt/decrypt a file, results printed to a file:

Code: Select all

cat file.in | perl -pe 'tr/A-Za-z/N-ZA-Mn-za-m/' > file.out

One way to obfuscate a script is to put it in a compiled executable. You can search the internet for "obfuscate shell script"

http://rosettacode.org/wiki/ROT13

[williams2]

If you intend to communicate with Windows machine, you would need cross platform software. I don't know if openssl is available for Windows. Most Pups have openssl.

You can create files in /tmp/. Files in/ tmp/ are in ram.
If you have no swap space, data in ram won't get into swap space.

Code: Select all

# cd /tmp/
# openssl enc -aes-256-cbc -e -a -in file1 -out file2
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
#
# cat file2
U2FsdGVkX1+BZJpY+2TOakixRoLtSf219ZL+fMy7j9pBZWfcekyxnZMhOLvvokaX
# 
# openssl enc -aes-256-cbc -d -a -in file2 -out file3
enter aes-256-cbc decryption password:
# 
# cat file3 
This is
a secret message.
#
cp file2 /root/my-encrypted file
#

Code: Select all

cd /tmp/
#
# echo 'This is a secret message.' | openssl enc -aes-256-cbc -e -a -out file4
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
# 
# cat file4
U2FsdGVkX1/DP7SbdwDSqOQ6N4/DRd1xg8KEa4YKEZj8ZKKJGGb8/8YT4bvd45vC
# 
# openssl enc -aes-256-cbc -d -a -in file4
enter aes-256-cbc decryption password:
This is a secret message.
# 
# cp file4 /root/my-encrypted-message
#

You could write a script named enc:

Code: Select all

#!/bin/sh
openssl enc -aes-256-cbc -e -a -out /tmp/enc-file

Usage: to create an encrypted message in /tmp/:
cat file.txt | enc
or:
echo 'a secret message' | enc

And you could have a script named dec:

Code: Select all

openssl enc -aes-256-cbc -d -a

Usage:
cat /tmp/enc-file | dec
which would decrypt the file and print the message on the screen.

To paste an encoded message in an email, you would probably need to use uuencode.

[JASpup]

If you intend to communicate with Windows machine, you would need cross platform software. I don't know if openssl is available for Windows. Most Pups have openssl.

I've also read it requires installation.

Hopefully this is true: https://blog.devolutions.net/2020/09/tu ... inux-macos

Installing OpenSSL on macOS

By default, OpenSSL is already installed in macOS. However, your version may be outdated. If so, then you can install the latest version with Homebrew. After installing Homebrew, simply run the following command line:

Code: Select all

brew install openssl

EDIT: Change of plans. I just heard from recipient by instant message and they're in Windows on a HP.

[ThruHammer]

https://gpg4usb.org

[JASpup]

Here's ROT13 for Windows command line in C, yet the link is "Forbidden":
http://www.miranda.org/~jkominek/rot13/c/

[williams2]

openssl and pgpg are powerful encryption too;s/
rot13 is very very weak encryption, not the same thing at all.
If you want to use rot13, it's a 1 liner in Perl. Puppy has Perl builtin. Perl is probably included on Macs. Perl is certainly installable in Macs and Windows.

Gpgp (Gnu Pretty Good Privacy) can do most of what openssl can do and more.

ThruHammer, thanks for the link to gpgp4usb. I knew gpgp4win existed, I didn't know about gpgp4usb. I don't really need encryption.

JASpup, gpgp4usb can work on a usb flash drive, or from a hard drive. It works in Linux and in Windows. Doesn't seem to be available on Macs.
Files in /tmp/ in Puppy are in ram.

Websites like https://mail.tutanota.com/ allow you to send and receive encrypted emails without installing anything. Just signup for a free account, your emeils are on a webpage in your internet browser.

[JASpup]

@williams2 thanks for the pointers.

Maybe this makes sense: Weak encryption is better than blind trust.

If I could just 'do anything' this would be done, but I have this idea if I can't follow my neophyte bridge hack idea, I'm probably going to learn mail reader encryption.

Does any decipher-to-screen encryption exist for Windows without installing anything?

The reason the OpenSSL would have worked is decipher-to-screen demands investigating OpenSSL like I'm doing now to realize the output could be written to a file, and it uses a password.

You wouldn't see the text at all without the password, and the password holder wouldn't have the output as a file without deliberate intention.

That's why a compiler is so attractive - how you see what you see isn't obvious.

gpg4usb may be possible... more learning.

[williams2]

Does any decipher-to-screen encryption exist for Windows without installing anything?

gpgp4usb will run in Windows and in Linux 32 and 64 bit. It runs in Bionicup64. There does not seem to be a Mac version.

The program has a gui interface (buttons to click.)

You can encrypt a message by typing it or pasting it in the gui window, then select which public keys you want to use to encrypt the message, then click the encrypt button. The message will be created and you can copy and paste the encrypted message, to a text file or an email etc. Like this:

Code: Select all

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1

hQIOAyMSkNPsVUnVEAgAsjtKoiWBZ0dwuPTclbkClU5Xo9OBNsCRlOuOYguEDzVt
NKOwy14dqSLsP0RWYYiN9wMopWcDjgkOKSpvD3ANT2hYu5Ec2Fi1HNFmuGCzev/a
rqU5QyNRMbTvbeBTJtd0iNAZyHJrlSu2PL5CrUJl5Q4oBunhSeTOMUtM6eny/BIF
9dqpZ46+/HSisAP8sTzGI8sdXSBGcnz50/gcQBKDJ8gzcdoXq/jBfdLNPiV8yBH5
epbq6pfcEn0RFRtAsseek21m69r3B319T8nrKnfQEa1juhjiKPvlZX4vTxZhZixV
1GUaeHAb5GJ0PJ5TAi/V/eNFc9N6h7aT9XfTczfuBggAvsHMmUPv5Hn6ruX0MYOl
cN01//zuexsQ/CrZrCO6kopVHv+1yfglC8Tk5wk1GWqkwq/u9Dlz6dOg0+KYEBWG
6tZdXsx6pYnRwTRGjppRze6mu+0bSwRPrtA4iB5CLXjqxZ4AWpb6rMB6OXyo7nQU
pfLazcaGF3V5dtQEzU4WF15A51a14XgabojRcDzrE6H1aisss7XOnVsT6vrm5G39
DYkc6F+pCmH/PurwpKTxxtbmcX+Gaw7zyAyr/wA8pIL0W7JH+3dMP2XmeVIjI0fW
JXn3k04XYEIkuQsbcd6lI/DLfCAJbWHrdGAMo5TnTPlqEjVRFNIx089i4rndT2sj
YdJUAX0A8ZTF9/HvSzzUdbDX8p9ZOcVlc4mdUIUNH4z81ct1YuHP3inyhf6c+4ey
oRCOvOgbXxbcPcD0f1KhVzj3NtnCTVNGpjJZR2CJSMKGBa5EvbP+
=d7LV
-----END PGP MESSAGE-----

You can copy paste the encrypted message in the gpgp4usb window, then click the decrypt button to display the message in the gpgp4usb window. You can read the message, save it if you wish, copy paste it if you wish.

EDIT: You can install gpgp4usb on a usb flash drive, or on the hard drive, of course.

[williams2]

There is a rot13 windows executable (closed source) about 6k bytes, here:

https://www.softpedia.com/get/Security/ ... 3-JR.shtml

There are some rot13 windows executables on sourceforge, the 2 or 3 I looked at were more than 1MiB. Seems bloated to me.

[JASpup]

https://gpg4usb.org

Do you use this yourself?

I had some thoughts:

gpg4usb does not run from usb flash drive on linux

Where might it run?

Gpg4usb does not start on 64bit linux

Instructions for Puppy 32 libraries on 64?

https://gpg4usb.org/faq.html

E-mail for key generation is just a label?

[JASpup]

I've never used the technology before, but my understanding is the public key is going to be generated by the recipient, and that's what I'm using to encrypt, so they have to get the app before I use it?

What you wrote about uuencode caught my attention. I remember it from Usenet. GPG output is binary requiring uuencode for sending as a non-attachment?

gpg4usb looks open source and relatively non-threatening to my naive eye.

> 1mb definitely looks bloated for simple ROT13.

Does any decipher-to-screen encryption exist for Windows without installing anything?

gpgp4usb will run in Windows and in Linux 32 and 64 bit. It runs in Bionicup64. There does not seem to be a Mac version.

The program has a gui interface (buttons to click.)

You can encrypt a message by typing it or pasting it in the gui window, then select which public keys you want to use to encrypt the message, then click the encrypt button. The message will be created and you can copy and paste the encrypted message, to a text file or an email etc. Like this:

Code: Select all

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1

hQIOAyMSkNPsVUnVEAgAsjtKoiWBZ0dwuPTclbkClU5Xo9OBNsCRlOuOYguEDzVt
NKOwy14dqSLsP0RWYYiN9wMopWcDjgkOKSpvD3ANT2hYu5Ec2Fi1HNFmuGCzev/a
rqU5QyNRMbTvbeBTJtd0iNAZyHJrlSu2PL5CrUJl5Q4oBunhSeTOMUtM6eny/BIF
9dqpZ46+/HSisAP8sTzGI8sdXSBGcnz50/gcQBKDJ8gzcdoXq/jBfdLNPiV8yBH5
epbq6pfcEn0RFRtAsseek21m69r3B319T8nrKnfQEa1juhjiKPvlZX4vTxZhZixV
1GUaeHAb5GJ0PJ5TAi/V/eNFc9N6h7aT9XfTczfuBggAvsHMmUPv5Hn6ruX0MYOl
cN01//zuexsQ/CrZrCO6kopVHv+1yfglC8Tk5wk1GWqkwq/u9Dlz6dOg0+KYEBWG
6tZdXsx6pYnRwTRGjppRze6mu+0bSwRPrtA4iB5CLXjqxZ4AWpb6rMB6OXyo7nQU
pfLazcaGF3V5dtQEzU4WF15A51a14XgabojRcDzrE6H1aisss7XOnVsT6vrm5G39
DYkc6F+pCmH/PurwpKTxxtbmcX+Gaw7zyAyr/wA8pIL0W7JH+3dMP2XmeVIjI0fW
JXn3k04XYEIkuQsbcd6lI/DLfCAJbWHrdGAMo5TnTPlqEjVRFNIx089i4rndT2sj
YdJUAX0A8ZTF9/HvSzzUdbDX8p9ZOcVlc4mdUIUNH4z81ct1YuHP3inyhf6c+4ey
oRCOvOgbXxbcPcD0f1KhVzj3NtnCTVNGpjJZR2CJSMKGBa5EvbP+
=d7LV
-----END PGP MESSAGE-----

You can copy paste the encrypted message in the gpgp4usb window, then click the decrypt button to display the message in the gpgp4usb window. You can read the message, save it if you wish, copy paste it if you wish.

EDIT: You can install gpgp4usb on a usb flash drive, or on the hard drive, of course.

[williams2]

Code: Select all

gpg4usb does not run from usb flash drive on linux

You don't really install it. You just unzip it anywhere (I unzipped it in /tmp/)

It works in BionicPup64. I have not tried FossaPup or any 32 bit Pups.

Gpg4usb does not start on 64bit linux

It runs in BionicPup64.

I suspect the email address does not have to be a vaild one. Not really sure.

[JASpup]

Code: Select all

gpg4usb does not run from usb flash drive on linux

You don't really install it. You just unzip it anywhere (I unzipped it in /tmp/)

It works in BionicPup64. I have not tried FossaPup or any 32 bit Pups.

Gpg4usb does not start on 64bit linux

It runs in BionicPup64.

I suspect the email address does not have to be a vaild one. Not really sure.

O-kay, That's reassuring. It's less picky than their caution. Since this isn't a mail program I assumed the address is just the id field for the key. There's only one e-mail address but names are too generic?

[williams2]

GPG output is binary requiring uuencode for sending as a non-attachment?

No, gpgp output is pastable as text, uuencode not required.

pgp is Pretty Good Privacy.
gpgp is Gnu's implementation of pgp.

If you do not like or trust Gnu, then you will not like or trust (Puppy) Gnu-Linux.

[williams2]

You can experiment, and just delete the dir and unzip it again to start again from scratch, for example, to make a new keypair.

To send a message to someone, you need to import their public key first.

There is already a public key in the database, so you can practise encrypting messages using that key, without needing to import anyones public key first.

[JASpup]

GPG output is binary requiring uuencode for sending as a non-attachment?

No, gpgp output is pastable as text, uuencode not required.

pgp is Pretty Good Privacy.
gpgp is Gnu's implementation of pgp.

If you do not like or trust Gnu, then you will not like or trust (Puppy) Gnu-Linux.

It's just about motives on both sides. My motive for security is high, why I'm seeking encryption in the first place.

And I imagine an unethical encryption expert could wreak havoc on users. It sounds like a pirate's goldmine: Make an encryption tool sticky and easy and cheap like glue for trust then go in for an attack when the spoils outweigh continued legitimacy of the tool (reputation) -- no hacking required.

Look like it's German to my benefit - less motive and means to cause trouble for an American.

[JASpup]

You can experiment, and just delete the dir and unzip it again to start again from scratch, for example, to make a new keypair.

To send a message to someone, you need to import their public key first.

There is already a public key in the database, so you can practise encrypting messages using that key, without needing to import anyones public key first.

I'll try it.

[ThruHammer]

All good, williams2. Nod goes to this cat.

[JASpup]

All good, williams2. Nod goes to this cat.

Laconic, yes. My very distant memory assumed a Mac, and recipient pointed out that the reason is probably because their monitor was white.

My next assumption is today they use a browser for personal e-mail which is why I wouldn't go reader encryption first, as mentioned by your cat who presumably made gpg4usb who also posted in this thread.

He seems fluent, but someone could have helped him with site grammar.

It's a different approach: instead of trying out a new technology and abandoning it for a lack of social adoption, I'm trying to socially cull a contact into using encryption based on need.

It looks like an effective tool.

Hopefully I've got a taker.

[JASpup]

You could write a script named enc:

Code: Select all

#!/bin/sh
openssl enc -aes-256-cbc -e -a -out /tmp/enc-file

Usage: to create an encrypted message in /tmp/:
cat file.txt | enc
or:
echo 'a secret message' | enc

Can this be enchanced to include file name prompts or command line arguments, either via OpenSSL options or shell scripting?

E.g., say I don't want a pre-ordained file named "enc-file" in /tmp.

https://www.openssl.org/docs/man1.1.1/man1/enc.html

[williams2]

If the script is named aes:

Usage: aes source-file encrypted-file

Code: Select all

openssl enc -aes-256-cbc -e -a -in "$1" -out "$2"

Usage: cat source-file | aes encrypted-file

Code: Select all

openssl enc -aes-256-cbc -e -a -out "$1"

Usage: cat source-file | aes > encrypted-file

Code: Select all

openssl enc -aes-256-cbc -e -a

Usage: aes < source-file > encrypted-file

Code: Select all

openssl enc -aes-256-cbc -e -a

There are many ways to do the same thing, or almost the same thing.

To decrypt, change -e to -d
-a uuencodes it to base64, for example, for email.
You probably don't want -a to encrypt a binary file on your haed drive.

https://linux.die.net/man/1/enc
https://linux.die.net/man/1/openssl

aescrypt is similar to bcrypt. I compiled the cli version of aescrypt and made a .pet (25k)
I'm not sure how legal it would be to upload.
https://www.aescrypt.com/

[JASpup]

You probably don't want -a to encrypt a binary file on your haed drive.

Why? One of my goals was to OpenSSL binaries, starting with .rtf & .doc files. Here-to-fore they're in encrypted compression archives, yet a lot of the time saving space isn't important. Not sure what tools don't work well with binaries.

I'm using Vera right now in another workspace. It's working but seems fairly sophisticated. EncFS will happen for dynamic storage sizes and gpg4usb for messaging.

aescrypt is similar to bcrypt. I compiled the cli version of aescrypt and made a .pet (25k)
I'm not sure how legal it would be to upload.
https://www.aescrypt.com/

Too difficult to break? Not sure what the legal boundaries are.

I would use one tool if it were practical. My goals are modest:

Secure messaging with one contact (the inspiration for this thread) hope: GPG
Encrypt anything in dynamically-sized media not for transmission hope: EncFS
Encrypt single files on-the-fly hope: OpenSSL

Ironically I'm starting #2 in VeraCrypt's non-shrinking volumes.

If OpenSSL isn't good for binaries I'll probably stick with compression archives (e.g., 7z). If aescrypt does what OpenSSL does including binaries maybe that's the tool to use.

Using the AES encryption scheme on single files, why aescrypt over OpenSSL?

[williams2]

CLI is Command Line Interface - typing commands in a text terminal (console),
as opposed to a GUI (Graphical User Interface) - pictures of buttons to click, boxes to check/uncheck etc etc.

A file with BASE64 type encoding is about 33% larger than the original file. And it is work for the computer to encode and decode it. Unless you really want to be able to copy/paste the encoded file as text, there is probably not much point. You can usually send a non-text file as an email attachment, or upload it to a file sharing web service.

The aescrypt download pages refers to it being illegal in the US for the software to be downloaded by people in certain countries, like Iran, Cuba, etc etc.I think the web page checks your ip address when you download it. If the Puppy forum's server is located in the US (I haven't looked), that might have some sort of legal ramifications. Or not.

Open SSL is an implementation of SSL. SSL is used by web browsers to encrypt and decrypt web pages. Every time you look at an https:// web page, you are using ssl. And programs like wget and curl use ssl, usually the shared object library files.

Code: Select all

# find /usr/lib/ -name "libssl*"

aescrypt is like Puppy's bcrypt, but aes is stronger than blowfish. And Bcrypt can automatically compress the source file before encryption, and can automatically shred the original file after it is encrypted.

https://www.privacytools.io/

afo - Aggressive file obliterator and bcrypt:
www.murga-linux.com/puppy/viewtopic.php?t=98228

[JASpup]

@williams2 since you've been kind enough to shed some light on new possiblities and walk me though this, I'll share some of the practical import:

My communication collaborator is a work over-burdened PhD who has neither the peace of mind for my private messages nor for learning asymetric encryption.

I choose a bad time.

They WILL read a no-thought message, but when they don't have the headspace for the private message itself, it's not worth it on my end.

Messaging is related to their field, so it may not be perpetually for nought.

You helped me narrow this down to four, including a mail reader and OpenSSL, but the thoughtless alternative would a message 'program' that would execute in Windows, i.e., have the password match some string and display a message encoded in an executable.

Seems really easy from my non-programmer perspective. GCC is in the PPM. <stdio.h>

All I would need to find is a password routine and either be able to put the text in the code or call an external command that would decipher and display an encrypted file, whatever keeps recipient-thinking near zero.

In OpenSSL I've been toying around and see what you're referring to--the -a switch uses a reduced character set making a larger file.

What I don't understand is the draw or reason to avoid. It seems like any file that can't get through e-mail attachment filters on its own can be masked in an archive to get through.

We can OpenSSL encrypt any binary?

Any OpenSSL encrypted file can use the reduced character set or not if there are no binary hazards?

I have been using it, but learning isn't happening fast enough for me.

E.g., I just realized .7z encryption is AES, but don't find the terminal version documentation thorough enough.

-m{Parameters}: set compression Method

I thought this meant I could use .zip, .gz, .bz2, but these aren't available on the command line version?

More learning to follow...

[williams2]

It is possible to use encrypted webmail.

For example: https://tutanota.com/

https://tutanota.com/blog/posts/email-e ... pted-email

How to encrypt an email inside of Tutanota

The asymmetric email encryption in Tutanota takes place automatically. Here's how it works:

1) Sign up with Tutanota.
2) Make your friend sign up with Tutanota.
3) Send him an email.

#2 is the problem. you could create an email account for your collaborator, and send the url link and the password, so it could be used immediately, no need to create an account. But even that might be too much.

How to encrypt an email outside of Tutanota

The symmetric email encryption in Tutanota takes place semi-automatic. This means, the encryption is automatic, but upon sending an email, you need to set a password which the recipient needs for decryption.

1) Sign up with Tutanota.
2) Write an email to your friend and set a password right under his email address.
3) Share the password with your friend via a secure channel (e.g. in person, via Signal).
4) Your friend gets a notification email from Tutanota, which lets him open the Tutanota login site. He can enter the password to decrypt your message. He can also reply end-to-end encrypted.

This method uses the collaborator's normal regular email address. The collaborator is sent a link to click. Clicking the link shows a web page that asks for a password. He/she must know the password. Entering the password shows the decrypted email. He/she can reply and the reply also will be encrypted.

I can't think of anything much simpler.

[williams2]

the thoughtless alternative would a message 'program' that would execute in Windows, i.e., have the password match some string and display a message encoded in an executable

You can make a self extracting 7zip sfx file for Windows. Just click the file to unzip it, 7zip does not need to be installed on the other machine. The person needs the password, of course.

croc can send an encrypted text message.
Without looking at the documentation, you would type something like:

croc send --code message-from-JASpup --text "a secret message, could be a password for another program"

The other person would type something like:

croc message-from-JASpup

and the message would be displayed in the cmd dosbox window.

[williams2]

We can OpenSSL encrypt any binary?

You can encrypt any normal file, whether containing text or not.

You can use some sort of BASE64 to encode any file with binary (that is, not just text-only) file.
There isn't much point unless you want to paste the encoded text only file in something that can only handle text. Like in an email.

openssl can't decrypt aescrypt files.
aescrypt can't decrypt openssl files.

[williams2]

GCC is in the PPM. <stdio.h>

You do not want to install GCC using PPM Puppy Package Manager. It would be difficult to get it to work properly.
You do want to download and use the devx sfs file, probably using QuickPet.

You usually do not want to write your own encryption software anyway. It is very very very easy to get it wrong.

[JASpup]

I can't think of anything much simpler.

More Germans -- tosim mentioned tutanota on page one.

It's tedious to do what we're doing but necessary before communicators are on the same page when abbreviations and terse posts connect.

Still the same, not American is safer for me, but the thought of using a 'service' to ensure security is another leap of trust.

Our computers don't require any services to encrypt messages, and the pathways between vary security risk, but there has to be a motive to intercept, decipher, and analyze messages for content.

Seeking an online service specifically for security reads like a red flag for sensitive information to seek.

My Android Gmail account was hacked. They got the recovery email. I have no idea how it happened, but my first guess is malware on the associated phone.

They deleted a lot of data in my Drive account. I had some pictures and other documents in encrypted .zip archives with a simple password. I don't remember it all, but they were deleted. After downloading? Who knows.

In the recovery email I had a folder named "attack" for suspiciously > SPAM emails, and that was cleared by the hackers. It may have started there instead. The evidence in both accounts is deletions.

Good to learn of another option with tutanota and it does appear simple. My caution would be trusting the service itself.