Slashdot Mirror

← Back to Stories (view on slashdot.org)

PKWare Zips to Growth

Posted by CowboyNeal on from the old-school-compression-algorithms dept.

Rob Kennedy writes "The Milwaukee Journal Sentinel has a story about PKWare's new business plan. It talks about the investment group that bought the company after founder Phil Katz's death in 2000, and the plan for PKWare to produce what president and COO Timothy H. Kennedy (no relation) calls 'the next generation of zip' by adding various security features."

29 of 310 comments (clear)

  1. What kind of Security features? by Qender · · Score: 5, Interesting

    Might these security features include paying per zip file or something?

  2. Doesn't PGP do this? by yatest5 · · Score: 5, Interesting

    When I PGP a file, it shrinks to same or smaller than when I standard zip it. Isn't that secure / small? Or am I horribly confused?

    --
    • Mod parent up! [a] by Anonymous Coward (Score:5) Thurs, June 31, @13:37
    1. Re:Doesn't PGP do this? by sql*kitten · · Score: 3, Interesting

      When I PGP a file, it shrinks to same or smaller than when I standard zip it. Isn't that secure / small? Or am I horribly confused?

      Yes, encryption benefits from compression because it makes the data look more random - there are fewer repeating patterns in the plaintext once it's compressed so there are fewer patterns in the ciphertext too(i.e. it's harder to do a dictionary attack).

      I get great compression results from creating archives as .tar.pgp, slightly better than .tgz and much better than .zip with "encryption" turned on, and much more secure too.

    2. Re:Doesn't PGP do this? by Corporate+Troll · · Score: 2, Interesting

      Since I don't use XP, could you please elaborate the difference between "Compressed Folders" managed by the NTFS system (supported at least since NT4) and the integration of the zip format in Windows XP. As far as my understanding goes a compressed folder is just that: a folder and the data attached to is compressed. A different beast than a file that contains compressed data.
      I personally like to see that an archive is one single file. It helps me understand what the machines does, and I like it that way. What happens when people want to email such a compressed folder? Is it mailed as a .zip file and how does the receipient's XP machine reacts to such an incoming file?

  3. Encryption and compression make a lot of sense... by Max+Romantschuk · · Score: 5, Interesting

    Since a Zip has to be decompressed anyway it makes a lot of sense to integrate encryption. It's easier to unzip once compared to unzipping and then unencrypting or vice versa.

    Now, integrate this with email attachments and we're on a roll :)

    --
    .: Max Romantschuk :: http://max.romantschuk.fi/
  4. Are zips still relevent? by 91degrees · · Score: 5, Interesting

    Most of the files I want to send are not going to compress to well in the fisrt place. Nowhere near enough entropy. The only files that will actually benefit are source code and binary executeables.

    Okay, there may be some specialised industry data formats for microchips and the like, but the really large files tendto be things like pictures and videos. These are already compressed using standard lossy techniques. zipping these won't work.

    1. Re:Are zips still relevent? by knuurius · · Score: 4, Interesting

      I use zip for the ease of sending hundreds of files in one file and not very often for compression reasons.

    2. Re:Are zips still relevent? by Surak · · Score: 4, Interesting

      You know all those foosetup.exe InstallShield and similar formats? Most of those are either CAB compressed (Microsoft), but many of them are still PKZIP compressed.

      --
      My journal has hot /. gossip.
    3. Re:Are zips still relevent? by AKnightCowboy · · Score: 4, Interesting
      (Although maybe someone will prove me wrong and say 'I update existing zipfiles every day, it's an essential feature, what I do is...'.)


      It IS an essential feature and I do use it all the time. Being able to pop up Winzip and read individual files in an archive without extracting the whole thing (which can be hundreds of megs) is much better than the tar/gzip approach that's standard on UNIX systems. Hell, even Sun realizes that. Their recommended cluster patches are distributed in a zip archive so you can easily pull out individual patches without unarchiving the whole 50+ megs and thousands of files.

    4. Re:Are zips still relevent? by tswinzig · · Score: 3, Interesting

      IMHO, since 99% of the time all you do with archives is create them or extract them, it's not worth implementing features like 'add to archive', 'delete from archive' or 'update archive'.

      You are crazy. Those features were made and are perfect for automated processes. Every day I have an AT process that runs (like a cron job for NT), and ADDS a single web server logfile to an existing monthly zip file. The log files are each around 80MB in size. At the end of the month, I archive the zip to CDROM.

      Therefore the Unix model of tar and then a separate compression program makes more sense

      What exactly does it offer over zip? You want something like tar, use zip without compression. You want something like .tar.gz, use zip with compression. We got it covered. How often do you create uncompressed Tape ARchives in the windows world?

      --

      "And like that ... he's gone."
  5. Great by e8johan · · Score: 4, Interesting
    This seems like a good plan. I'd like zips to have:
    • global password (for the filelist)
    • per file(s) password(s) (for groups or individual files)
    • version management (store changes, but keep the original)
    • signing (both global and for file(s))
    • execution abilities (oops, could trigger viruses, must be signed, but for example decompress files and compile 'em)
    What I would also like is for them to go open source and actively support *nix (including Linux and MacOS X).
    1. Re:Great by zwoelfk · · Score: 2, Interesting

      I agree. But it would suit me better if it was built into the OS. I want an (optionally) compressed, (optinionally) encrypted, journalled filesystem that is not fundamentally linked to the media it's on. So I can just extract/copy an image (subset) to CDR or floppy and mount it then sync it up later.

      This seems like a good plan.

      What plan? I mean zip already has encryption (bad), this'll just make it better. I didn't read anything in the article that they would offer me (as a business) that I don't already have. It's pure hype. I want real details and a real development roadmap!

  6. Cool moment. by Soulslayer · · Score: 5, Interesting

    One of the coolest moments of the many GenCon Game Fair's that I attended in Miwaukee, WI was when a panel consisting of most of the premiere Origin producers including Richard Garriot and Warren Spector took a question from the crowd during the Q&A session and when the nervous speaker said, "Well I have a programming question...and...um.. well I'm from a little company in town...do you know PKWare?"

    And all the members of the panel looked at one another and then started doing the Wayne's World bow and chanting, "We're not worthy! We're not worthy!"

    Then Warren (if I remember correctly) made a mildly sarcastic and admonishing comment towards the poor PKWare dude along the lines of, "Hey man you guys have saved us tons of money on media. We use Zip all the time. Of course we know your company." (games of the era were beginning to approach some 30 floppy discs compressed and CD-ROM had not yet become an affordable alternative)

    It's nice when a little mostly unkown (at the time) company making software compression utilities gets recognition from a (at the time) powerhouse game development company like that.

    --


    Once more unto the breach dear friends...
    1. Re:Cool moment. by Traygames · · Score: 2, Interesting

      That's pretty funny that you remember it. I was the 'pkware dude'. PKWare is where I cut my teeth as a programmer, and where I learned everything I needed to know to start my own business (i.e. "cripes, if Phil can do it, I sure as hell can").

      I have a lot of fond memories of my PKWare days, and a lot of lingering frustrations and regrets that amazingly have not put me in therapy yet.

      There was a time around then that I could walk up to damn near any computer I saw and type 'pkunzip' and get a response...

  7. Could work by Anonymous+Cowdog · · Score: 5, Interesting

    The .zip format has great inroads into the corporate world, whereas PGP is still a geek's toy. By leveraging (cough) the massive usage numbers, they could be successful with this. Of course, it remains to be seen what features they want to add. But enough zip files fly around corporate networks without security, that it does make sense to improve PKZip in that area.

    On the other hand, WinZip has a a head start, as the preferred way to deal with zip files for most people. And the PKWare website seems to come up blank on Mozilla, not an encouraging sign.

    But what I really want is security for my PDA data, so it is secure over the network, and secure on the hard drive of any PC, even a PC that others have access to. Can zip help with this? Not sure.

  8. They are not targeting users anymore. by Dog+and+Pony · · Score: 3, Interesting

    The company's sales efforts are now focused on corporate customers.

    And why companies should listen:

    The company has crafted a new partnership with RSA Security Inc., which will lead to merging zip capability with security features in the same programs.

    Maybe that'll be enough.

    I'm pretty sure the shareware business model for these guys would be dead anyway whatwith some other competitors being so well known and wide spread there days. Can you say "WinZip"? (Yuck, bad, bad program.)

  9. I would really, REALLY... by Blingin'+AMD · · Score: 2, Interesting

    Like to see an effective stream compression system... That way mebbe one day we can actually SEE the REAL sites that have been slashdotted!!

    --
    Now watch this drive.
  10. Re:Encryption and compression make a lot of sense. by vadim_t · · Score: 2, Interesting

    From what I've read, compression helps, but not much because most compression algorhitms generate some very predictable data. For example, ZIP files begin with "PK". That alone could be enough to help decryption.

  11. Re:Encryption and compression make a lot of sense. by akruppa · · Score: 5, Interesting
    Hopefully, if this is what they want to do, they will do better than the embarrasingly insecure "encryption" that the old DOS PKZip included (a cryptographically-weak LFSR-based stream cipher).

    Yeah, the cipher was pretty weak. Interested people might like to read the paper A Known Plaintext Attack on the PKZIP Stream Cipher by Biham and Kocher. Esentially, a string of 13 known bytes and a few hours on a good PC will decrypt the rest of the file.


    But what's even worse, imho, is the horribly bad implementation. They encrypted only the file contents; file name, size and (what were they thinking?) the CRC were all in the clear. If you were using encryption to hide the fact that you possess a file you're not meant to, Pkzip will do you in real nice.

    All in all an excellent example of how crypto works not.

    Alex

    --
    Heisenberg may have been here
  12. Re:so you 8) when Bill stole it by Anonymous Coward · · Score: 2, Interesting

    Yes, Zip support is built into WinXP, but utilities like WinZip, PicoZip and WinRar will still be needed by many people. There are tons of very useful features that are just not available in the Zip support in XP. You might want to take a look at the features list on those sites to get an idea.

  13. Hope it has better milage than Winzip by nighty5 · · Score: 3, Interesting

    I remember when Winzip came out and PkZip didnt really have it together in terms of a GUI, when companies started seeing the benefit of using compression Winzip came along and took most of the market only because it had a half decent GUI, Pkzip's was pretty shoddy, if anything Winzip had better icons heheh.

    Not being a troll, but ever sick of the woes of the 2 gig limit on zip's data structure. (I'm in data engineering and usually work with files over 6 gig) Other missing features were not being able to easily click on a few files/dirs and select the size of the volumes (disk span) and save the files to the current dir without sticking in floppies one at a time, poor password/encryption security.

    Winrar on the other hand has had their features for years including an 8 gig limit on rar's, (one of the major reasons i *had* to switch) you can also setup policies so each time you create a rar it will follow the policy you setup originally in the configs.

    Supports multiple NTFS file/permission streams among other things.

    I hope the new PK Inc can live up to some of the features in rar, they may have a good chance...

  14. zip & unzip everytime. by DrXym · · Score: 4, Interesting
    pkzip/pkunzip were great tools, make no mistake but these days there is little reason to use them unless you're DOS bound. Perfectly fine open source versions exist and the likes of WinZip and XP's own zip folder extension cover the GUI side.


    On the subject where the zip format should go, I believe it would be nice to see some new compression algorithms - I believe the header has space to define new types. The bzip2 algorithm would be a lead candidate. It would also be nice to see encryption and signing capabilities incorporated, perhaps based on the Java archive (jar) format.


    Another thing that would help compression were if there were something akin to the tar / cabinet file mechanism for compression, where the entire contents and manifest are concatenated and compressed as a single entity rather compressed individually. This would allow for some very tight distributables.

    1. Re:zip & unzip everytime. by zeugma-amp · · Score: 2, Interesting

      That is true.

      Back in the days when I was DOS-bound though, pkzip was an excellent utility. My favourite feature was disk spanning, meaning I could create single volumes that consisted of multiple floppies. Back when removable media was mostly limited to 1.44M floppies, that was an invaluable tool.

      For a long time I was (probably still am for that matter) the only person I personally knew with a legitimately registered copy of PKZip.

      --
      This is an ex-parrot!
  15. Re:Yes by tomstdenis · · Score: 3, Interesting

    or just support bzip2?

    It beats deflate all the time and is free too.

    Tom

    --
    Someday, I'll have a real sig.
  16. Joe Home User.... by Tsali · · Score: 2, Interesting

    (Trollish post coming...)

    ... so Joe User is going to encrypt/decrypt zip files? And he'll pay for the this when it was offered as shareware before?

    Joe User doesn't care. Joe user has an internet connection, MS Works, and couldn't tell the difference between a firewall and a firefly.

    I think they'll lose money and people will use the regular format because its out there and you can encrypt it however you please now if you feel like it. Who would pay for this?

    For all the spyware they crammed into their product, you would think their marketing department would have done a better analysis on future market share...

    --
    This space for rent.
  17. Encryption by Bj�rn · · Score: 2, Interesting

    If you want a zip utility with good encryption now, UltimateZip is a pretty good WinZip clone. It is free (as in gratis) for private and commercial use and has an extra meny command that can encrypt/decrypt with AES Cipher Rijndael. It's only for Windows though.

    --
    Never express yourself more clearly than you are able to think. --Niels Bohr
  18. Re:Simple: Implement zip filesystem. by seann · · Score: 2, Interesting

    too bad you can't
    cd compressed.zip \
    cp Jenna Jameson - that Special Nite she came over.avi D:\pr0n

    knah know?

    --
    I'm a big retard who forgot to log out of Slashdot on Mike's computer! LOOK AT ME.
  19. Re:Encryption and compression make a lot of sense. by jonathanclark · · Score: 5, Interesting

    Since a Zip has to be decompressed anyway

    While until just recently, this was true - now you can create a "ZIP" file that doesn't decompress. The idea is instead of decompressing the files to disk, a tiny user-mode OS is inserted between the application that needs to use the data and the compressed data. The new OS does transparent decompression/decryption and to the application it appears the files reside on the hard drive. The OS provides streaming decompression so only small blocks are decompressed at a time and the memory requirements are very low. Yes, the data is present in memory in unencrypted form at some point so it is possible to hack - but it provides a pretty good level of data security.

    The cool thing is that the archive size is usually the same size as a ZIP, but it runs directly with no install and no decompression time. Usually applications load 2x faster in this state.

    This is something I've spent the last year working on. Checkout here

    --
    -- Virtual Windows Project
  20. WinRar? by goofy183 · · Score: 2, Interesting

    I have been using WinRar for years, it's been the easiest to use and most versatile archiving program for windows I have ever used. (yes this is a shameless plug but I think the product is that good) It completely supports the .rar and .zip formats along with being able to extract and/or decompress the following formats CAB, ARJ, LZH, TAR, GZ, ACE, UUE, BZ2, JAR, ISO.

    The integration into the shell and the multitude of options for RAR archives like solid archives (treating the data as one big file to get better compression), recovery data (allows a good portion of a damaged archive to be reconstructed with little space overhead).

    Overall I wish that rar would become the de facto standard (it's not completely free but 90% of the functionality is). The compression gain over zip is incredible and it's A LOT easier to use.