?
Solved

Pretty Good Privacy (PGP) - SAFE or NO.

Posted on 2009-12-21
22
Medium Priority
?
762 Views
Last Modified: 2012-05-08
Hello,

     I need some professional opinions regarding this software  because  i asked almost all my friends what's the best software for encrypting hard-disk data and most of them gave me the same answer : PGP . I heard a lot of good things about PGP, but before buying the software I really want an answer for this situation :
     In my opinion this software is designed to PROTECT peoples data against anyone, but two weeks ago a friend who work as policeman in Belgium told me that PGP can be cracked by their IT guys if the person who is using the software, decrypt informations every time before reinstalling the OS . After I read a lot of stuff about pgp, and after I talked with all my friends they told me they are using pgp like this : they install the OS (usually , windows XP), after installing the OS, they install PGP software and encrypt the whole disk. When they want to format their pc they decrypt the HDD , then format, reinstall the OS , then again reinstall the PGP and encrypt the hard-disk again. As I said upwards , I heard that if you are using the PGP this way, the hdd can be somehow cracked or the PGP bypassed, not very sure, because my friend who work in police is not working in IT department .
    I suppose if I uninstall the PGP without decrypting the hdd, I wont be able to access my hdd anymore, because I believe its encrypted, right?
    So, my question is , if I will buy PGP , how can I use it  properly? How can I have the maximum rate of safety with this  software? I really want to buy this software if its GOOD and if offers protection, so I really need some opinions.

PLEASE, POST ONLY PEOPLE WHO ARE USING OR WHO USED PGP.

Thank you very much guys.
0
Comment
Question by:love76ers
  • 10
  • 6
  • 5
  • +1
22 Comments
 
LVL 27

Accepted Solution

by:
Tolomir earned 2000 total points
ID: 26096492
There is a risk that one is able to read former unencrypted information from an encrypted disk. Like you can read words from an cleaned blackboard.

But, if you use a new HD, install windows on it, install pgp full disk encryption on it, then load sensitive data on the system, no one can read this information, because it was never stored unencrypted on the harddisk,

---

If you use pgp to encrypt just a non-system partition to store sensitive information, traces of that data remain in the windows temp folder, swapfile, registry. So a full disk encryption in such cases (notebook) is always the best choice.

Tolomir
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 26096613
Btw. you can also use truecrypt full disk encryption.

http://www.truecrypt.org/docs/?s=system-encryption

This opensource solution, comes for free, but you also get no special support for it. (I.e. make backups in regular intervals)  
0
 

Author Comment

by:love76ers
ID: 26096792
I though i should encrypt the hdd AFTER i loaded sensitive informations on it, in order to encrypt them...
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 10

Expert Comment

by:Tobias
ID: 26096825
Dear, first PGP is free, I don't know why you want pay someone ?

Like Tolomir says, TrueCrypt is one solution for encrypt the hard drive.

PGP was not create for the hard drive but for the email.

Best Regards
0
 
LVL 10

Expert Comment

by:Tobias
ID: 26096857
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 26096959
No, the entire system is encrypted, you load unencrypted data on it, encrypting it automatically.

@Madshiva, the asker is referring to pgp desktop. The full disk encryption component is not for free.

http://eu.store.pgp.com/whole_disk_encryption.html

PGP Whole Disk Encryption locks down the entire contents of a laptop, desktop, external drive, or USB flash drive, including boot sectors, system, and swap files. The data encryption software continuously safeguards data from unauthorized access, providing strong security for intellectual property, customer and partner data, and corporate brand equity.


0
 
LVL 10

Expert Comment

by:Tobias
ID: 26097062
@Tolomir, ok thanks.

He should not call them PGP only, it's not the same product.

Anyway, if he want but this software, for the moment the AES 256-bit it's safe and could not be cracked.

Best Regards
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 26097270
pgp is a company ;-)

---

The advantage with pgp disk encryption or drivecrypt from securstar is you get software support.

---

truecrypt (using it myself) just offers forum support. http://forums.truecrypt.org/
Also note that, as TrueCrypt is free, there is no official support for TrueCrypt. For 'unofficial' support (i.e. users help other users) please visit the TrueCrypt Forums. taken from their faq

Tolomir
0
 

Author Comment

by:love76ers
ID: 26097428
MadShiva said: Anyway, if he want but this software, for the moment the AES 256-bit it's safe and could not be cracked.


Are you trying to say that you believe NSA cannot bypass it ?

Tolomir, i'll keep the question open for 2 more days.I really need to see more oppinions.Hope you don't mind.

 Many thanks for every answer.
0
 

Author Comment

by:love76ers
ID: 26100173
Tolomir , what about this part of the story :
"When they want to format their pc they decrypt the HDD , then format, reinstall the OS , then again reinstall the PGP and encrypt the hard-disk again.
 I suppose if I uninstall the PGP  or if i simply format the pc , without decrypting the hdd, I wont be able to access my hdd anymore, because I believe it s encrypted, right? "
Ty
0
 
LVL 10

Expert Comment

by:Tobias
ID: 26100489
Dear,

I mean they could not be cracked for the moment, but the algorithm had some problem that I think someday somebody will find a way to crack it in a short time.

The problem is that I don't know how many PS3 that have buy the NSA to crack it in a short amount of time :)

See this article, about peoples that have find a attack 4 month ago :

http://eprint.iacr.org/2009/374

Best Regards
0
 
LVL 10

Expert Comment

by:Tobias
ID: 26100515
About the last question if you format it, the hdd will not be more encrypted. If you try to restore the data of the disk , then the data is encrypted.

If you uninstall PGP, the program should ask you to unencrypted the data (then you don't lose the data).


Best Regards
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 26101877
You don't format partition c:
you simply delete it before you reinstall windows.
If you want to uninstall pgp, make sure all sensitive information is removed before.
Think about a safe: you would empty it before discarding it would'nt you? You also would never place your treasures on a table for the time until you get a larger safe?  
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 26101893
@madshiva: I'm not sure you did really understand the question...
This is a forensic issue, not a how to install/uninstall windows or full disk encryption.

Just my 2 cents,
Tolomir
0
 
LVL 10

Expert Comment

by:Tobias
ID: 26102805

Hum, @Tolomir, I don't have know the name of the software that love76ers would use in the start ok, but I know forensic, and I'm not doing a how to do... I have tried to answer the last question. And I answer, I don't' put other question to the answer of love76ers....

Why you want remove the information before uninstall pgp ??? This make no sens, the data could be decrypted and don't need to time copy, to another disk or a nothing work.

If you want remove the data, the format it, or crash it, but don't tell that you need to do something...

This protection, protect again the access physical to the disk only, then it depend on your environment if you could let the disk not encrypted the time that you switch to another big hard drive... I don't agree with @Tolomir. I don't know how many you need that your file is protected, then it's too you to think about problem that append if you let the hard drive without encryption on the table.

Best Regards

0
 
LVL 27

Expert Comment

by:Tolomir
ID: 26102909
" In my opinion this software is designed to PROTECT peoples data against anyone, but two weeks ago a friend who work as policeman in Belgium told me that PGP can be cracked by their IT guys if the person who is using the software, decrypt informations every time before reinstalling the OS . After I read a lot of stuff about pgp, and after I talked with all my friends they told me they are using pgp like this : they install the OS (usually , windows XP), after installing the OS, they install PGP software and encrypt the whole disk. When they want to format their pc they decrypt the HDD , then format, reinstall the OS , then again reinstall the PGP and encrypt the hard-disk again. As I said upwards , I heard that if you are using the PGP this way, the hdd can be somehow cracked or the PGP bypassed, not very sure, because my friend who work in police is not working in IT department ."

+

"                                                         
O&O DiskRecovery searches for and reconstructs deleted or lost data! The clear Wizard guides you step-by-step through the data rescue. O&O DiskRecovery 6 supports all popular file formats and scans every sector of the hard disk, the memory card or the digital camera for lost files. O&O DiskRecovery 6 can also find and recover data in the most extreme situations, such as with already formatted or destroyed file systems. "

is the issue I'm talking about.


0
 
LVL 27

Expert Comment

by:Tolomir
ID: 26102981
So pgp is never cracked but unencrypted information can be recovered. For sure not all files but if some are available this is a start in forensic work.

Thus I suggest to store never data unencrypted on the harddisk and if you have to reinstall windows / pgp 1st move sensitive files away, to render tools like O&O Diskrecovery useless.


0
 
LVL 65

Expert Comment

by:btan
ID: 26110971
PGP documentation did suggest best practice, see pg 5 (before encrypt)
- https://supportimg.pgp.com/pdf/PGPWDEqsg.pdf

I will say that in general the critical areas such as creating backup and a recovery disk applies for all whole HDD encryption software (same for Truecrypt). Typically the recovery disk will contain the MBR of the HDD that will direct to PGP bootstrap code and proceed to find and uncover the HDD encryption key (protected by the user's passphrase).

Recovery is key for deciding whether to get that software, the trouble and scrambling comes when HDD crashes and not able to boot up, but your data are still in the HDD. See this blog comments on the hassle. But I am not saying that HDD protection or PGP is not good, you need to make the discretion - support is key.
- http://blog.securism.com/2009/01/recovering-a-pgp-whole-disk-encrypted-drive/ 

Tyically "gaps" for such HDD encryption revolve in weakness in the ciphering mode (e.g. CBC, ECB and ease of finding the encryption in memory (e.g. cold boot attack). The algorithm should be robust and even if it is "breakable", I see it as only conceptual proof of concept that may not be logically for the attacker to exploit. It applies to all HDD encryption s/w, in general, you should have second factor authentication using smart card or biometric at preboot. That I will say safer and with proper BIOS lockdown so that booting from other device is not straightforward. Also do not go for sleep mode as cold boot attack can still works, choose hibernation - they are not preventive but can deter.

There is no so called perfect encryption soln but a layer defenses such as also incorporating on top of the HDD protection on the files you deemed worthy of protecting (of course not those system files). It make harder for the attacker to get your sensitive document. I believe PGP (other suite) has file/folder protection as well. You may also treat volume as a container file to store those files.

Having said all that, on the forensic part of "uninstall and re-install", I do not see any software possible to recover the encrypted HDD or partition that straightforward. Those recovery s/w really applies for case on plain HDD etc with "break in the file system structure etc. Note that even encrypted HDD do has plain sector in them to contain the software codes to monitor and start the "encrypt and decrypt on the fly"  processes. So, i do not see a possibility of the backdoor unless we really do a offline deisgn and source code review. Recovery (adhering the proper intent) is not backdoor - key or passphrase still lie with user.

Also weakest link is the user who "own" the passphrase - choose one wisely and manage it well (not share around or using sticky notes).

Hope it helps
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 26111651
Well if a user behaves like this:When they want to format their pc they decrypt the HDD , then format, reinstall the OS , then again reinstall the PGP and encrypt the hard-disk again.

I see a way to recover data. Because (for a short time) all data is stored unencrypted on the harddisk, go figure...

Tolomir
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 26111668
A drive format is nothing more than delete the file directories and (optionally check for bad sectors)
If they would wipe their HD before reinstallation (in a DoD proven way) I would not argue here.  
0
 

Author Comment

by:love76ers
ID: 26144293
Sorry for the delay, but i was out of town till now. Many thanks to all of you, but i would like to offer all the points to Tolomir. If anyone has any objections about my decission, please reply this message in 24 hours . Topic will be closed soon. Best wishes.
0
 

Author Closing Comment

by:love76ers
ID: 31668531
Many thanks. I would like to ask you a little question in private , IF POSSIBLE. Please add my msn  , if you don`t mind.Thank you very very much for your patience and for your answers.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question