Frequently Asked Questions

Installation is not required. If the start scripts are used, they may have to be made executable on Unix systems.

Just delete the files: the jar archive, the resources folder, the file with the extension "path", the start scripts and possibly the error_log.txt file. All these files should be in the same folder.

Unfortunately no. Any way would compromise the security of the application. Use password managers and/or take backups beforehand. This makes the problem less likely to occur.

On all platforms on which a Java runtime environment can be installed. These are for example all Windows, Linux, BSD and Mac systems. The PEAs do not (yet) run on Android and iOS.

PEAs are written for the Java Virtual Machine, so one instance can be used from multiple platforms. The saved filenames that are displayed at startup are then not shown at the first start on a new platform.

There is no audit for the PEAs and no official reviews. Programs that are used by relatively few users are also reviewed less frequently.... and an audit can only be financed by large companies. Source openness makes review possible, but is not a guarantee that it will happen. Sorry.

A warrant canary usually informs users that there is no court subpoena. The PEAs are hosted in Germany. This means that, unlike in the USA, there is no National Security Letter (NSL). The situation in Germany is better, although not ideal either, but a Warrant Canary would not make sense here, because it is not forbidden to inform about authority requests. If there were a request, information would be provided here.

Transparency reports typically disclose how frequently governments have requested data. These are primarily user data, real-time traffic data or encrypted content data stored, for example, by e-mail providers, which are also frequently requested by German authorities per court order. Such data is not collected at all by the PEAs because the PEAs run on the users' own computers. There are no accounts and therefore no user data and no traffic except for the download of the application. Nevertheless, it may make sense to state: There has been no request from an authority as of today (12/31/2020). If there is any request, it will be published here.

Not according to current knowledge. Only symmetric cryptography is used with key lengths that are considered invulnerable by quantum attacks.

Encrypting individual files is much slower than encrypting entire partitions or hard disks. The platform independence also slows down the process a bit and prevents the use of processor instructions. It is possible to encrypt large files (movies...), but before that a warning message about the expected execution time appears. If you are only encrypting a few (about a hundred) files of a few megabytes, you won't notice much difference, but for files in the gigabyte range, a disk encryption programs are much faster.

When the files are packed into zip archives, their filenames are encrypted - you can also pack one file into a zip archive. However, other metadata such as the time of the last modification will still be visible.