Posted by Jeffrey Kabbe on August 26th, 2008 in News, Security, Software | Permalink
PGP Whole Disk Encryption for Mac OS X
August 26, 2008PGP announced an upgrade to its encryption platform, which now includes whole disk encryption for Mac OS X. For anyone who works with confidential information, laptop security is an increasingly important issue. File Vault has been a decent solution, but not one that works well with backup applications like Time Machine. I haven’t had a chance to try it yet, but it sounds like PGP whole disk encryption should play much better with Time Machine.
A free trial of PGP Desktop is available. The FAQ indicates that any disks encrypted with whole disk encryption will decrypt at the end of the trial. But, as with anything that messes with your data, I recommend caution before running it on a primary work computer.
Hello: I have a Question / Concern about Full Disk Encryption, in either PC or Mac; Does Full Disk Encryption protects the data on my PC / Mac just in case that it gets stolen or lost, or does it fully protect my data, once I turn it on, against online Hackers and / or against Spyware or Trojans as well? To be more specific; Does Full Disk Encryption protects the Data on my PC or MAC only before I enter the Boot Password, or Does it actually provide protection (Encryption) once I have enter such password at boot time? I guess, once I enter the password and the OS starts, then the Hard Drive is no longer encrypted – Right? So, any Hacker, Spy ware or Trojan may access the data (already decrypted) on my hard drive – Right? I think of Full Disk Encryption as a protective mode but only if your PC or Mac gets stolen, I mean, nobody will be able to boot it up without the correct password, but again, what about the dangers once you start the OS and go online?
Posted by Pancho | September 2nd, 2008 at 5:54 am
Whole disk encryption is designed to protect against your laptop being stolen. Once you enter the password and boot up, it’s not going to keep trojans or spyware from reading your drive because they will have the same read/write privileges that you do.
Posted by Jeff | September 2nd, 2008 at 7:49 pm
Hi Jeff: That’s the answer I was expecting, but I just wanted confirmation. I am considering to implement Full Disk Encryption in both my PC and Mac, but since I don’t take my laptops for holidays, then Full Disk Encryption may not be useful or necessary. I downloaded TrueCrypt, which is available for Windows and Mac, it is Free and it is Open Source. It looks that on my Windows PC things got a little messy and impacted performance, even though I increased the default size of the Page File (pagefile.sys) Maybe some other issues too with Kaspersky Internet Security 2009, even though I added TrueCrypt as a trusted application to KIS. At the end, I decided to uninstall TrueCrypt and things came back to normal. Anyway, I was more interested in a software application that actually keeps data encrypted while I am using the Internet. I am looking now to implement Only “Encrypted Containers” which I can do too with TrueCrypt, but must importantly – It will provide the Encrypted Protection I am looking for while connecting to the Internet. I guess, using Encrypted Containers instead of Full Disk Encryption is the right choice because even if a Hacker, Spyware, Trojan or whatever has access to my Encrypted Container, then it will not be able to open it without the needed password, which I only enter when my PC or Mac is fiscally disconnected (Unplugged) and then, when I need to use the Internet again, I simply reboot under a Not Administrator Account. As for my Mac, I decided not to use TrueCrypt, even if it has a Stronger Encryption, and I am using instead the default Encryption Utility that comes with all Mac OS, I just don’t want to mess up with the 3 grand box, especially when I will finish to pay it in 3 years from now. I hope this info will also be helpful for someone else.
Posted by Pancho | September 3rd, 2008 at 10:12 am
As a full-time Mac user (at home) I am not fully up to speed on what the latest trojans do on PCs. I think your biggest risks there, though, are keystroke loggers that record your passwords to financial sites. If you are worried about your data being compromised, I would suggest using a combination of encryption and multiple accounts. On the Mac, using two accounts (one for internet and one for everything else) would probably solve your problem by itself. An extra layer of security could be added with File Vault.
Posted by Jeff | September 3rd, 2008 at 8:44 pm