RFO (Request for Opinions) on PGP Whole Disk Encryption:

Interestingly, it is hard to find any negative articles on PGP, probably because most of them are written by IT pros who are only focused on the security, and not usability. I therefore ask the Slashdot community, what are the disadvantages of PGP in terms of performance, Linux, and high-performance computational research?

I’m not sure about the performance aspects, but I’ve always been a fan of virtual disk (image) encryption. It’s a usability issue, centered primarily on portability.

Secondarily, I was always wary about relying on one piece of third-party software that I was constantly forced to upgrade along with OS’s. During my last OS upgrade (from OS X 10.4 to 10.5) I bagged PGP altogether - I’m now using regular old disk images and encrypting them with 10.5’s resident AES-256 functionality. As for email, usability (centered on the relative complexity of public key encryption in available email clients) really stinks all around, which is probably why so few have adopted it. But I suspect a solution to that issue will present itself forthwith.

Bruce Schneier recommends a good cleaning and PGP (or TrueCrypt).

More on PGP here. I also use Cache Out X for clearing internet and system caches, as well as system logs.

It is quick and dirty, but Channel Register has an interview with Phil Zimmerman, creator of PGP. He says the internet is like downtown Baghdad. I’d hardly disagree - innocent people are being mauled daily on the net.

There’s more on PGP here, here, here, and here.

In the face of an identity crisis going on around the internet, The Register asks: “Whatever happened to PGP?”

Well, it is still on MY desktop, although I must say a few things about it’s use:

1) It does a fine job of encrypting virtual disks, so I know my data is safe (and I like the container concept);

2) The email encryption is not often used - I don’t know too many people in everyday life who know what a public key is and how to use it to read my scrambled messages; and

3) I sign my messages with a free Thawte certificate, because it is easier on everyone else.

None of this means I am I am trying to play down PGP - in fact I have been a loyal, paid, consistently upgrading (and patient on migrating to OS X) user for years. It is just hard for someone to explain how a public key or an encrypted file works, when the party receiving the information doesn’t have the program. I think PGP is simple enough to use, priced appropriately, and readily accessible - its just that everyday joes don’t seem to know about it. And sorry, but OpenPGP is not going to take the thing mainstream.

Nevertheless, for those who have an interest in protecting their bits and bytes with PGP, here’s a little more.

Note: all the good things I say about PGP doesn’t mean I have some deal with them, but that’s not for lack of thinking about it. In fact, they never returned my emails suggesting a partnership…maybe that’s the problem!?

I am a bit lame - I use PGP, not GPG. But for those who prefer the free version, Bruce Schneier is spreading the word of a bug in the open source email encryption program, including the fixes you should look for.

For those now fretting, it sounds as thought the bug affected signed messages, so I think the dirty little secrets you are passing on (madly scrambled) are still safe. Someone please correct me if I’m wrong.

Glenn Fleishman of The Seattle Times put together a nice little primer on PGP that I think all you paranoid types should take a look at.

Pretty Good Privacy (PGP) is the commercial version of the distribution originally released over at MIT (no longer in distribution). It plugs into your email and instant messaging clients, and can encrypt your choice of transmissions. For those on the other side of your communications, it means you can still sign (for authenticity) your emails, and they can read them without PGP. For those you deal with that have the program, you encode messages with a very very high degree of confidence they will not be read by the wrong folks, using standard public-key encryption methodologies.

What I think is the best feature of PGP is its virtual disk function. Create a space on your hard drive, encrypt it with a long string, and load your files into it. When mounted, you have access to those files just like any drive/folder on your machine. Unmount, and it becomes a bunch of garbage to anyone sneaking around.

Now, for the fair warning…

You scumbags out there taking violate pictures of the innocent and other such disgusting crap are not protected by the fair use of PGP. A Minnesota court recently ruled that the existence of the software on a scumbag’s machine was evidence of criminal intent.

But for those of us who use the program to secure valuable data (like images of bank and credit card statements, legal documents, and sensitive client files), particularly on easy-to-pick-up-and-walk-out-the-door-with laptops, it is a worthy piece of code.