RE: Full Disk Laptop Encryption

["Bob Beringer" <bob () eor us>]

Rob,

I fully agree with you and had the same experiences and hardships with the upgrades to the 9.x versions.

Since then they have added MAC FDE* support and a Universal Server for enterprise key management.  The new universal 
server allows for custom clients to be created with flexibility in rules and behavior. (As a side note, the new server 
has been around for less than a year now...)

We are still working through the caveats with MAC FDE and completing our first couple heterogeneous Pilot's / 
bake-off's with the new suite of solutions from PGP, but I can tell you that so far, things look much better than what 
was offered via the earlier 9.x versions...

Will send more once we finish putting the new client through its paces...

v/r
Bob

-----Original Message-----
From: Rob Thompson [mailto:my.security.lists () gmail com] 
Sent: Thursday, September 27, 2007 4:45 PM
To: gjgowey () tmo blackberry net
Cc: listbounce () securityfocus com; Bob Beringer; Lafosse, Ricardo; security-basics () securityfocus com
Subject: Re: Full Disk Laptop Encryption

On 9/27/07, gjgowey () tmo blackberry net <gjgowey () tmo blackberry net> wrote:
> Just like you're curious about Pointsec I'm curious about your opinion of PGP's products.  I haven't tracked PGP 
> corporations product lines at all, but I'm curious as to why you don't like them.

I started to have problems with PGP after they released version 9 of
their current product.  I didn't care for how they have "dumbed down"
the user experience by trying to make everything automated, just
controlled by rules.  Yet there was no manual overrides.  The rules
came in handy to a point, but there were times when they just were not
convenient.  I have played with it up to release 9.5.3.  I have since
uninstalled and gone back to version 8.1 for my work, and at home I
have completely changed out to GPG instead (which I would use here at
work if I was allowed to - I absolutely LOVE it).

In regards to the FDE feature.  When I attempted to use this from PGP,
it was back when it was first released.  I was pretty excited about it
as it was supposed to be a cost effective way to add FDE to a hard
drive while at the same time giving it its e-mail encryption as well.
It was a reduced cost.

I do not know how the product performs as of late.  It may be very
improved.  But back when I tried it out, (and these are very generic
descriptions I'm going to give, it's been a few years since I tried it
last - I'm running off of my poor memory here...) it was clunky and
awkward.  I didn't care for it's interface, it didn't seem very user
friendly to me.  There were many bug reports of failures and data
loss.  And yes, this was back in it's beginning and I'm sure they had
some bugs to work out.

But at that time, I already had found an FDE that worked and IMO
worked well.  I didn't see the point in trying to figure out the bugs
and try to find work arounds, when I already had something that I did
use and liked.

While I feel like I typed a lot and didn't say too much, I hope that
this makes some shred of sense.

<snip>

-- 
Rob