• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3617
  • Last Modified:

Encryption tools: Open source vs. commercial

I have been using TrueCrypt volume encryption since a long time. It is a nice product, no doubt. But when I see it's commercial counterparts like PGP and WinMagic, I wonder how reliable the open source products are. Does any government organization use these products? When you are serious about encryption, you will think of commercial products as they are tested thoroughly,  have been designed by experts in the field and most importantly, many government organizations are relying on them.

I want to know, when seriously talking about mission-critical data and encryption, should one go for open source tools?
1 Solution
No matter what tool You use, You will get the same encryption strength. The encryption is the same.
The problem with open source is that nobody certifies it (nobody wants to spare money on that), yet some open source application are certified (like openvpn). Anyway, if You work for gov and need some guarantees (so You have some company to blame) - stay out from open source. Otherwise go with open source, especially such widely respected like trueCrypt.

About testing: the history showed that closed source is not more secure than open source...
dont forget such important features like

1) centralized keymanagement
2) recovery mechanism


Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now