[Infowarrior] - PGP: Whole disk encryption for Mac OS X is 'in active development'
Richard Forno
rforno at infowarrior.org
Tue Feb 12 04:48:10 UTC 2008
PGP: Whole disk encryption for Mac OS X is 'in active development'
Posted by Declan McCullagh | 5 comments
http://www.news.com/8301-10784_3-9869812-7.html?part=rss&subj=news&tag=2547-
1_3-0-20
PGP Corp. is planning to release a version of its whole-disk encryption
software for Apple Macintosh computers running OS X.
Jon Callas, PGP's chief technology officer, told me on Monday that the
software is "in active development" and will run on Intel-based Macs. Callas
didn't want to elaborate on a shipping date, unfortunately.
This promises to be a boon for OS X users, especially laptop users who are
more likely to lose their machines or run into snoopy border police and
airport security guards who want to poke around the contents of their hard
drives. Right now there's no way for OS X users to encrypt their entire boot
disks.
OS X already features FileVault, of course, but that focuses on encrypting
the user's home directory. Without whole-disk encryption, Unix-derived
systems including OS X store in unencrypted form details about VPN usage,
login times, and what applications are installed in the default location.
Some applications including Thunderbird save working copies of documents in
an unencrypted area outside the home directory.
Another problem with FileVault is that it hasn't always been implemented
that securely. Earlier versions of OS X didn't encrypt the swapfile used for
virtual memory, meaning the password could in many cases be easily
extracted. And a paper (click for PDF) published last year by Jacob
Appelbaum and Ralf-Philipp Weinmann found other potential security
weaknesses.
PGP released its whole-disk encryption utility for Windows in May 2005. A
perpetual license for PGP Whole Disk Encryption 9.8 for Windows costs $149.
I should also note here that a free volume encryption utility called
TrueCrypt was released for OS X last week (it was previously available for
Windows and Linux). TrueCrypt doesn't do whole-disk encryption, but it does
offer a way to conceal the fact that an encrypted volume exists--although
that handy feature isn't yet available on OS X and Linux.
More information about the Infowarrior
mailing list