Alcyone SecureAlcyone Secure
Get Black Box
FLIGHT DATA RECORDER FOR YOUR DEVICESTATUS · SHIPPING · WIN 10/11v1.0.0 · APR 2026

They fixed your device.What else did they open?Recorded.

Black Box is a forensic flight recorder for your computer. It quietly logs every USB connection, file access, and login while your device is out of your hands — and signs each entry into a chain that proves nothing has been altered.

Free download — WindowsSee how it works
✓  No card required✓  4.41 MB installer✓  SHA-256 verified
FDR-MK.II · STREAM
CHAINVERIFIED

SESSION

A3F2-9C1A-4F0B

EVENTS

1,284

LIVE EVENT STREAMtail -f blackbox.log
01280[INFO]blackbox.svc started#9c1a4f
01281[OK]session A3F2 chain=genesis#0b88e1
01282[+]usb_inserted vid=0781 pid=5583#f10c22
01283[+]file_open C:/Users/me/notes.docx#3a7e90
01284[HIGH]etw bulk_copy detected (robocopy)#c54bd7
01285[CRIT]anti_debug attach_attempt#a01284
01286[+]login user=svc-tech via=remote#5e2913
01287[OK]shadow_copy aes-256-cbc OK#62a4f8

INTEGRITY

100%

ENCRYPT.

AES-256

WATCHDOG

ACTIVE

UNIT 0001 / WIN-x64ALCYONE SECURE

PROTECTION FOR

  • 01Students
  • 02Lawyers
  • 03Doctors
  • 04Journalists
  • 05IT teams
  • 06Repair shops
  • 07Healthcare
  • 08Law firms
  • 09Security teams
§ 01The problem

The risk nobody
talks about.

Every year, thousands of people hand their devices to strangers — repair shops, IT departments, service centres. What happens next is invisible to you. The most damaging breaches leave no fingerprints; the technician returns a “fixed” machine that now reports to someone else.

THREAT / 01•••

Unauthorized file access

Technicians can browse, copy, or exfiltrate personal documents, photos, and sensitive files without leaving obvious traces.

THREAT / 02•••

USB data copying

A plugged-in USB drive can silently copy gigabytes of data in minutes. Standard antivirus software does not detect this.

THREAT / 03•••

Credential theft

Saved passwords, browser sessions, and authentication tokens are accessible to anyone with physical access to a logged-in machine.

THREAT / 04•••

Installed backdoors

Remote access tools can be installed in under 60 seconds. You return with a repaired device that now reports to someone else.

§ 02Process

Four steps.
Two minutes.

Install once. Activate before any handoff. The recorder runs as a quiet Windows service that survives reboots, signs every event into a hash chain, and produces a tamper-evident report on demand.

  1. 01STEP

    Install Black Box

    Download the 2.9 MB installer. Create your account. Takes under two minutes.

    C:\> blackbox.exe /install ✓ service registered
  2. 02STEP

    Activate before handoff

    One click starts a protected session. Black Box begins recording silently as a Windows service.

    [OK] session_id=A3F2 chain=genesis
  3. 03STEP

    Device gets repaired

    Every USB connection, file access, login, and system event is recorded with full timestamps.

    [+] usb_inserted vid=0x0781 pid=0x5583 serial=…
  4. 04STEP

    Review the evidence

    Generate a cryptographically verified forensic report. Every event is tamper-evident and legally admissible.

    report.pdf sha256=9c1a… signed=ok
§ 03Mechanism

Forensic-grade.
By design.

Eight independent mechanisms. Each one makes tampering visible, costly, and accountable — from the kernel’s ETW stream up to the cryptographic hash chain on disk.

MECH / 01

SHA-256 hash chain

Every log entry is chained to the previous via SHA-256. A single altered character is mathematically detectable.

MECH / 02

AES-256 shadow copy

An encrypted backup of your session survives even deliberate log deletion. Unreadable without your PIN and machine.

MECH / 03

ETW kernel monitoring

Catches bulk file copies at the kernel level — robocopy, xcopy, and fast USB dumps that standard monitoring misses.

MECH / 04

USB device tracking

Every USB connection is logged with VID, PID, and serial number. Insertion and removal times are recorded.

MECH / 05

Login & account events

Login attempts, account creation, and remote session events are captured and risk-classified in real time.

MECH / 06

NTP tamper detection

Clock drift greater than 60 seconds triggers a HIGH-severity alert. Timestamp manipulation does not go unnoticed.

MECH / 07

Anti-debug protection

Detects debugger attachment attempts at both managed and kernel API level. The attempt becomes CRITICAL evidence.

MECH / 08

Service watchdog

If a monitoring component is stopped unexpectedly, the watchdog restarts it and logs the interruption within 5 seconds.

§ 04Trust model

Your data.
Your control. Always.

We built Black Box so that even we cannot access your data. Forensic logs live exclusively on your device. The shadow copy is encrypted with AES-256 using a key derived from your PIN and your unique Machine GUID — bound to your exact hardware. When cloud sync launches, every entry will be encrypted with your personal key before it leaves your device. Our servers will receive only ciphertext.

WE CANNOT READ YOUR LOGS · BY DESIGN
  • 01

    AES-256-CBC encryption

    Shadow copy encrypted with a key derived from PIN + Machine GUID.

  • 02

    PBKDF2 PIN hashing

    Your PIN is never stored in plaintext — ever.

  • 03

    SHA-256 hash chain

    Cryptographic proof of log integrity across every session.

  • 04

    4-layer evidence storage

    Primary log, shadow copy, Windows Event Log, and anchor files.

  • 05

    Least-privilege service

    BlackBoxSvc runs as a dedicated low-privilege local account.

  • 06

    Hardened IPC pipe

    Named pipe ACL denies all anonymous connections.

§ 05Pricing

Honest pricing.
Free forever.

Local protection is free, permanently. Subscription tiers unlock encrypted cloud backup and long-term retention when they ship.

Free

Local protection. No subscription.

$0

BEST FOR

  • Individuals
  • Students
  • One-time repairs
  • +Local device monitoring
  • +Tamper-evident activity logs
  • +Forensic report generation
  • +Offline operation
  • +Full control of your data
Download free
RECOMMENDED

Personal

Secure cloud backup. Coming soon.

$6 / mo

COMING SOON

BEST FOR

  • Frequent repairs
  • Professionals
  • Remote workers
  • +Everything in Free
  • +Encrypted cloud log backup
  • +Long-term evidence retention
  • +Priority support
  • +Automatic updates
Join the waitlist

Student

Verified-student pricing.

$4 / mo

COMING SOON

BEST FOR

  • College students
  • Academic users
  • +All Personal features
  • +Student pricing

Requires verification with a college email address.

Request access

Business

Custom deployment for organisations.

Custom

BEST FOR

  • Hospitals
  • Repair centres
  • IT teams
  • Enterprises
  • +Multi-device deployment
  • +Custom configuration
  • +Dedicated support
  • +Compliance reporting
  • +Flexible storage

Pricing tailored to organisation size, usage, and storage needs.

Contact sales

Cloud features ship in the next release. The current version includes full local protection at no cost.

§ 06Download

Black Box.
Free, forever.

WIN 10/11 · x64 · 4.41 MB · SHA-256 VERIFIED · NO CARD REQUIRED

Download for WindowsCreate account

v1.0.1 · RELEASED MAY 2026 · 4.41 MB · SHA-256 VERIFIED

Black Box must only be used on devices you own or have explicit written permission to monitor.