Open-Source or FIPS-Validated Disk Encryption?

Posted by ryuzaki0 on Tuesday April 18, 2006 @10:45AM from the peer-review-or-third-party-approved dept.

j_crane asks: "Our company is looking for disk encryption software that runs on Windows XP/2003 and Linux. There are hundreds of commercial disk encryption programs (most are Windows-only though). Some of them are FIPS-validated by the US NIST, but none of these are open-source. On the other hand, there is an excellent open-source on-the-fly disk encryption software, called TrueCrypt, for Windows and Linux (the program even provides plausible deniability), but it does not have a FIPS-validation. Which would you prefer -- open source or FIPS-validated -- and why?"

2 of 74 comments (clear)

Min score:

Reason:

Sort:

Re:plausible deniability by Anonymous Coward · 2006-04-18 11:02 · Score: 5, Funny

> > Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:
>
> What are you? A spy or something?
Naw, he's probably just a British subject or an American citizen.
DUHHH by mboverload · 2006-04-18 11:08 · Score: 4, Funny

Put a Truecrypt volume inside of a FIPS one.
- mboverload