Encryption tools: Open source vs. commercial

Posted on 2008-10-20
Last Modified: 2012-05-05
I have been using TrueCrypt volume encryption since a long time. It is a nice product, no doubt. But when I see it's commercial counterparts like PGP and WinMagic, I wonder how reliable the open source products are. Does any government organization use these products? When you are serious about encryption, you will think of commercial products as they are tested thoroughly,  have been designed by experts in the field and most importantly, many government organizations are relying on them.

I want to know, when seriously talking about mission-critical data and encryption, should one go for open source tools?
Question by:rpkhare
LVL 43

Accepted Solution

ravenpl earned 125 total points
ID: 22761474
No matter what tool You use, You will get the same encryption strength. The encryption is the same.
The problem with open source is that nobody certifies it (nobody wants to spare money on that), yet some open source application are certified (like openvpn). Anyway, if You work for gov and need some guarantees (so You have some company to blame) - stay out from open source. Otherwise go with open source, especially such widely respected like trueCrypt.

About testing: the history showed that closed source is not more secure than open source...

Expert Comment

ID: 23349694
dont forget such important features like

1) centralized keymanagement
2) recovery mechanism


Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question