Mac Lion Encryption and PGP

I just saw this on the Symantec PGP forums:

https://www-secure.symantec.com/connect/forums/1068-update-breaks-pgp#comment-5771471

I installed it on a bootable external drive for testing purposes. Lion encryption is NOT serious encryption from my viewpoint. Here's why.

When you first install Lion ( Like any OS) it asks you to set up a password. This password -if you are going to be using WDE - should be short and not a passphrase for convenience sake. But here lies the rub with Lion: it does not allow you to set a seperate passphrase for your whole disc encryption of your drive. So you either have to have a very short password that is inherently insecure or you are going to have to type your long passphrase everytime you need to change a setting or give your Mac permission to do something. You are also not given any discretion as to what type of encryption to use.

As I stated above, the Mac is about convenience, form, and as little tailioring as possible. I am NOT a fan of PGP. I wish we had more choices for WDE on the Mac. Maybe TrueCrypt will come to the rescue. Also, after being aquired by Symantec, people should feel a bit uneasy about a possible government backdoor. However, using the internal encryption in Lion does not enhance my cool.

 

I know squat about Macs. I have read about doing Linux-style WDE. No clue whether it works.

 

I use PGP WDE. Yes symantics support is poor for Mac users but I have never had any issue with it. I just wait till it works on the latest OS. Also apperently the issues have been fixed so updating no longer bricks Mac's.

I wish TC worked on Mac OS X for WDE but sadly TC is only a windows port and relies on Fuse to work. Unless someone create a kernel based version ( almost a complete redo) it won't work.

I trust PGP. Why? Because Bruce Schneier does and is (was?) on the Board of technical advisors. Not to mention the source code is available for download.

I agree with your assesment on Lion though. Feels like bitlocker to me (never trusted it either).

 

I also agree with you about both BitLocker and Lion encryption. I would not use either if they paid me.

 

Same here. Both are poor and force you to save a "recovery key" or encryption key on a disk. Some security PGP and TC (and LUKS on linux) are the go to for WDE I use both One thing I used to do was have a boot camp partition TC encrypted and did everything there. Then I found it not enough and Bought PGP WDE. TC works great though

 

Out of curiosity, why don't you trust BitLocker? One of its developers, Niels Ferguson, co-designed Twofish with Bruce Schneier, whom you do trust. See Niels' statement regarding alleged back doors in BitLocker. Is it just a Windows thing?

(By the way, even though I wrote about some of BitLocker's good cryptographic decisions, for Microsoft TechNet Magazine, I use PGP products.)

 

The issue is two-fold for me:

1) Microsoft has a bad record for cryptography. NTLM and NTLM V2 are poor hashes at best, Windows 2000 PRNG issues, Older NTFS Encryption was poor as well (and had implementation problems).

2) Windows need for TPM. TPM gives a false sense of security. Now couple that with the fact they FORCE you to back up the encryption key (How is that secure? ) and you have weaknesses. Provided you can wipe that backup or encrypt it yourself Windows also has some other problems.

If using bitlocker (with no TPM) you can ONLY use a flash drive for authentication (No pin or password). This isn't secure. Yes I don't need to know a password but all some one needs is too get my flash drive from me That is something that could be subpenaed while a password cannot be (5th amendment in the US, Similar in Canada where I am).

I may be paranoid but I don't trust MS or Apple for that mater when it comes to cryptography. Both have implemented weaker algorithms and hashes in the past. (Apple only allows for AES-128 bit; I want 256 bit).

If I had more control over bitlocker AND it was under peer review (PGP and TrueCrypt both are) I would trust it more. I don't care about the license as long as two things can happen:

1) Source is sent too an External source for review

2) Source is available for peer review (Many eyes is better than few - Even if their aren't people looking at it the point is they CAN. Making it unlikely for a backdoor to be planted; That would be bad PR)

I Love PGP so far, and I only bought it because there aren't any other (good) solutions for Mac OS X. Since buying it I have also purchased for windows and Linux

Thanks for the links I will take a look at them. May I ask if you trust bitlocker? I see you use PGP but is that a trust issue or just preference?

 

256-bit keys are a good conservative measure, but cryptography is arguably the strongest link in any system; this shouldn't be a deal breaker. But yes, they have, I agree.

While open-source has the potential to be more secure, my view is that it really doesn't matter how many eyes are looking; what matters is the quality of those eyes. For example, what if a company hires, we'll say, Bruce Schneier, to analyze their closed-source product, whereas an open-source alternative hasn't been reviewed by anyone of note? It's open to everyone -- but who's everyone? This isn't a defense for closed-source, though. I want open source, but I want the right people looking at it even more. While I agree that being open may frustrate the inclusion of any back doors, being open doesn't mean it's inherently secure. (Of course, you didn't imply that; I just wanted to add that.)

I think the design decisions behind BitLocker show clear evidence of cryptographers, like Niels Ferguson, behind the scene; in particular, their special diffuser algorithm, Elephant, addressed the issue of integrity in a way that I've not seen from other disk encryption offerings. It was a bit of a risk, by building an entirely new algorithm, but it demonstrated cryptographic competence; for those who didn't want to chance using it, or couldn't, because of standards compliance, the option was there.

Using PGP is a bit of both trust and preference. I trust them to get the implementation right, and I prefer their software out of familiarity, having used it for a number of years.

 

Hate to say it but I don't use anything less than AES 256 bit. Sure 128 bit is uncrackable to but why use it when I can use 256 bit just as easily? To me I want (need) FIPS-140-2 compliant at the least.

Agreed 100% on that. I want open source because it shows the company (i.e PGP) is willing to let anyone analyze it. That said I still want reputable cryptographers on board as well (i.e. Bruce Schneier). I also like (as PGP has done) multiple security and cryptographic experts on board. The more talented people looking at the more likely any bugs or backdoors would be exposed (or not even get in).

While that is pretty cool, what would make me move to bitlocker (on my windows system vs drivecryptor) would be the ability to use a password for authenticating without a TPM (I don't have one). I would also like the ability to disable saving of the plaintext encryption key. If I have to save a backup copy at leastencrypt it.

I just recently bought it and I too like it for those reasons. As I said before I trust it because they have been around for years, and have (and still do ) good security experts on board. Phil Zimmerman is arguably one of the best cryptographers around, and same to Bruce Schneier. The other important thing is neither one of them would EVER backdoor PGP deliberately. Where as Microsoft may (not saying they did).

With bitlocker a backdoor is the least of my worries. My worries are what I said in my last post. Mainly backup the key and authentication with out TPM.