Notable features include encrypted zip files, secure email and AIM messaging and my favorite, PGP Shred. In addition to whole disk encryption, PGP Desktop provides a slew of security-oriented features. Without cooling, RAM forgets data within 2 minutes.įor general protection from cold boot attacks, I recommend turning off your computer when you are in situations that it is possible for someone to gain physical access to your machine, in addition to setting your Mac to hibernate mode 0. RAM chilled with any coolant, such as liquid nitrogen, retains data much longer and makes it easy for cold boot attackers to copy the contents of the RAM for snooping. The MacBook Air has soldered-in RAM chips: horrible from an expansion standpoint, but great from a security standpoint. PGP WDE's pre-boot authentication will prevent someone from rebooting your machine and booting up a live, lightweight Linux distro (such as BackTrack, Auditor, PHLAK and Knoppix-STD) that won't disrupt the memory footprint too much and make data recovery from your memory a reality.
With PGP WDE, your encrypted hard drive is safe from cold boot attacks but that doesn't mean someone can't find other data in your memory - if your memory is removable. I contacted PGP about this possibility and they told me that "it is stored on the MBR encrypted with AES-256." More Security ParanoiaĪ common attack to gain access to encrypted hard drives is the cold boot attack where an attacker exploits a hardware vulnerability in RAM to find encryption keys, and then use those keys to decrypt the hard drive. That includes applications like Adium and Transmit.
That means that even if someone gains access to the system, they will not be able to use any applications that rely on login and password info stored in the OS X login keychain. That's why I changed my login keychain settings to lock when sleeping. The entire encryption process took about 2.5 hours on my 1.6GHz MacBook Air, which had 55GB of data in use. As the snippet above explained, PGP WDE encrypts in the background, unlike Apple's FileVault which locks you out for hours while it encrypts. You may also pause and resume the process at your convenience.Īll I had to do was select my hard drive, provide a passphrase and it began encrypting my hard drive. The encryption process can be lengthy, however PGP desktop runs in the background.
PGP Whole Disk provides the next level of security and convenience by encrypting your entire disk. When that was done, it was time to embark on the task of actually encrypting my hard drive. After installing the actual PGP Desktop application, I was led through creating and publishing a PGP key. Setting up PGP WDE had quite a few steps but was a pretty smooth process overall. Since publishing that post I have installed and been using PGP WDE on my MacBook Air for about a week. By encrypting my hard drive, I am able to keep all of my data safe from physical disk access and other such tampering.
Last week I boasted about the release of PGP Whole Disk Encryption for Mac OS X and how it is definitely something to consider if data privacy is of utmost importance to you. Review: PGP Whole Disk Encryption for Mac OS X