Jump to content

Bitlocker vs PGP drive encryption


Dr.Chi

Recommended Posts

Does anyone know what simularities/differences there is between Bitlocker and PGP's Drive Encryption?

(I know PGP does other stuff, like email enc, but I'm specifically comparing the drive encryption portions).

There's a guy at my work claiming that our Corporate-Wide PGP implementation can be "scrapped" for Bitlocker. Basically he watched one webinar on Vista 2 months ago and now he's running around yelling;

"Bitlocker is teh awezome!!!11!!1!1oneone!!"

I don't know enough about bitlocker to have a good opinion on it, but my assumption is since it's free it's not going to be as good as Corporate PGP for drive encryption.

p.s. I've googled this, but can't find a good comparison, or even unbiased review, from someone who's used each of them.

Link to comment
Share on other sites

Well, having used neither I can at least chime in and offer this advice. Don't base your review on the cost of the software. In fact, some of the best software is free. That said I'd hardly call bitlocker free, you're paying for it with the operating system. Encryption algorithms aside I think whats more important in a corporate situation is ease of use, rollout, adoption, training, support, etc.

Personally I use a double-ROT-13 encryption system on all of my files and I've never had a problem with Hacke+++

NO CARRIER

Link to comment
Share on other sites

Well, having used neither I can at least chime in and offer this advice. Don't base your review on the cost of the software. In fact, some of the best software is free. That said I'd hardly call bitlocker free, you're paying for it with the operating system. Encryption algorithms aside I think whats more important in a corporate situation is ease of use, rollout, adoption, training, support, etc.

Personally I use a double-ROT-13 encryption system on all of my files and I've never had a problem with Hacke+++

NO CARRIER

oh please aardwolf double-ROT-13 is SO insecure... you should at least be using quad-rot-13!!!!111oneone

Link to comment
Share on other sites

PGP is a current solution for those who don't have the extra money to drop on Vista and everything that comes with it.

If your company has money to BURN on TIME, TRAINING, TESTING then it's possibly a good deal because it's built in.

Link to comment
Share on other sites

I appreciate everyone's input.

And I am certainly not one to doubt the powers of "Open Source", by any means.

@kickarse, PGP is not the current solution for companys with no money though...it costs us 20-30 thousand yearly. And that's just for maintenance contracts through PGP. It cost us a butt-ton of money to initially buy and set up. Though that included the hardware appliance, email encryption, etc. More than just the desktop encryption portion that I'm comparing right now.

Keep in mind though, I'm speaking from my "Corp SysAdmin" hat.

Personally I don't trust closed source companies (like PGP corp) nearly as much.

But back to the point, does anyone know how they compare technically?

Link to comment
Share on other sites

I appreciate everyone's input.

And I am certainly not one to doubt the powers of "Open Source", by any means.

@kickarse, PGP is not the current solution for companys with no money though...it costs us 20-30 thousand yearly. And that's just for maintenance contracts through PGP. It cost us a butt-ton of money to initially buy and set up. Though that included the hardware appliance, email encryption, etc. More than just the desktop encryption portion that I'm comparing right now.

Keep in mind though, I'm speaking from my "Corp SysAdmin" hat.

Personally I don't trust closed source companies (like PGP corp) nearly as much.

But back to the point, does anyone know how they compare technically?

What I meant is that it's cheaper to do PGP than to do Vista.

Link to comment
Share on other sites

  • 1 month later...
Well, having used neither I can at least chime in and offer this advice. Don't base your review on the cost of the software. In fact, some of the best software is free. That said I'd hardly call bitlocker free, you're paying for it with the operating system. Encryption algorithms aside I think whats more important in a corporate situation is ease of use, rollout, adoption, training, support, etc.

Personally I use a double-ROT-13 encryption system on all of my files and I've never had a problem with Hacke+++

NO CARRIER

I saw double-ROT-13 and thought o ghods,your not using ROT-26 are you ? but I know you better then that, anyway your company may or may not need full disk encryption, if not then truecrypt may be a good choice but the cost of retraining could be a little hefty and the danger of someone not encrypting something that need to be, will be their.

I have not used PGP or bitlocker so I can not speak for either one of them 20-30 G's a year is a ton of cash that could probably be better spent elseware .

Link to comment
Share on other sites

PGP Whole Disc Encryption (i've been looking into it for work) v.9.5 is around $165 for a perpetual license, but you also want the universal server for key backups, etc. It's also fully compliant with imaging software and uses a single signon. It's steep, might be best to upgrade. I mean business oem with a volume key is what $100 per key plus medium?

As for BitLocker, I'm not exactly sure if it works with imaging, it should work with Sysprep. I mean this is Microsoft, one hand DOES talk to the other one, doesn't it? The problem is the needed hardware to run Vista properly, PGP doesn't need any upgrades and as I've been told, can run on just about anything.

Link to comment
Share on other sites

  • 4 weeks later...

I don't trust any cryptosystem where I can't see the source. that doesn't mean open-source, I'm talking about seeing the source for the encryption algorithm. for example, pgp isn't open-source in a gpl kinda way, but you can see the source to verify integrity. I havn't been able to find such a thing for bitlocker, so I would stay away. They claim it's 128 bit AES, but how do you know it's properly implimented, etc.

I use trucrypt, and a few home-brew python scripts for all my crypto needs.

Link to comment
Share on other sites

I don't trust any cryptosystem where I can't see the source. that doesn't mean open-source, I'm talking about seeing the source for the encryption algorithm. for example, pgp isn't open-source in a gpl kinda way, but you can see the source to verify integrity. I havn't been able to find such a thing for bitlocker, so I would stay away. They claim it's 128 bit AES, but how do you know it's properly implimented, etc.

I use trucrypt, and a few home-brew python scripts for all my crypto needs.

Because if it's not 128 bit AES they can be sued for false advertising ;)

Link to comment
Share on other sites

Well the person who said it was, must have heard it from somewhere.  If Microsoft wrote anywhere that it was AES (blah blah), then people found out it wasn't, then it was advertised falsely.

Well, there is a difference between saying it in an article, blog or documentation and in an advertisement.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...