Undocumented Bypass in PGP Whole Disk Encryption

A non-mouse Coward writes "PGP Corporation's widely adopted Whole Disk Encryption product apparently has an encryption bypass feature that allows an encrypted drive to be accessed without the boot-up passphrase challenge dialog, leaving data in a vulnerable state if the drive is stolen when the bypass feature is enabled. The feature is also apparently not in the documentation that ships with the PGP product, nor the publicly available documentation on their website, but only mentioned briefly in the customer knowledge base. Jon Callas, CTO and CSO of PGP Corp., responded that this feature was required by unnamed customers and that competing products have similar functionality."

Fine by me..

[JackMeyhoff]

... choose a different product. This also is against their product description so report them to trading standards and demand refunds. What about Seagate Momentus FDE drives? DO they have a bypass also?

Re:Fine by me..

Wow, same joke again. You sure are funny.
 
Unlike the captcha: succinct.

Re:Fine by me..

[pilsner.urquell]

What, only one referance to Phil Zimmermann? One of the main reasons Philip Zimmermann created Pretty Good Privacy in 1991 was because of the US government wanting to install backdoors in encryption software.

Re:Fine by me..

[illegalcortex]

I can't believe you made such a long post about a moot point. If you social engineer someone to give you the passphrase, you don't even need to use this feature. The passphrase is the whole thing encrypting the disk. If you have the passphrase, you ALREADY GOT THE ACCESS. You don't need any fancy reboot tricks.

Interesting...

[Paden]

Having replaced laptop motherboards for Raytheon that had the pgp whole disk encryption and asking them if there was a way around it to check the os and their response being there is no way around it, I wonder "who" the unnamed customer was?

Did anyone read the response?

[duplicate-nickname]

Seriously, customers require this so IT staff can do remote support and reboot the machine remotely. It is only enabled for one reboot, and you must have cryptographic access to enable this feature. The only threat is if someone where to enable this, not reboot, and then have the machine stolen.

Why does crap like this make it to the front page of Slashdot?

Re:to put out some of the flames

[MalleusEBHC]

Also, from his wording, it sounded like it is not enabled by default. In other words, you can actively choose to sacrifice a bit of security in order to make it work properly in your environment. Sounds like a nice feature to me.

Which full disk encryption to use?

[Aminion]

So which full disk encryption software does Slashdot recommend? Preferably FOSS and available for *Nix and Windows.

"Unnamed Customers"

[WED+Fan]

How much do you want to bet that "unnamed customers" are synonymous with "various federal and state police agencies, DOD, and NSA"?

Takers?

There was GPGDisk

[Kadin2048]

The GPG program that you download doesn't do full-disk encryption; it's pretty purely a file/stream encryption program. I suppose you could use it for disk encryption, by streaming data through it on its way to and from a device, but that's not how it's normally used.

There is/was a program around that used GPG to do FDE, called GPGDisk. I'm not sure whether it used your installed copy of GPG to do the heavy lifting, or if it just included the same code, or worked using the same algorithms but had its own totally separate crypto engine. It was reasonably popular for a while, but I think a lot of people who were using it have now switched to TrueCrypt.

However, GPGDisk did offer some unique features, like the ability to encrypt a disk using a GPG key, and some fairly fine-grained access controls that you could set up for multiple users (IIRC). Every once in a while someone will mention it on the comments on Bruce Schneier's blog, so apparently it's still getting some use. But it doesn't offer some of the neater features that TrueCrypt does, like plausible deniability or containers-in-containers, I don't believe.

Re:And People Wonder Why Open Source!

[spottedkangaroo]

For now anyway.

If people complete various "hard" problems on quantum computers then the non-people at the NSA can probably afford to throw two billion (or whatever) at it to crack ALL MODERN ENCRYPTION that doesn't use quantum devices for keys.

Re:unnamed customers

[moderatorrater]

But it does mean that this is not that door. As mentioned elsewhere in this article, under no circumstances should you trust information that you want to be secret to a closed program/algorithm.

Re:And People Wonder Why Open Source!

[Cheesey]

When it comes to encryption it is exactly for this reason why I use the "clunky", "hard to configure", "no GUI" Open Source!

Ah, but that's not necessarily a defence against the NSA! Their backdoors might not be hidden in closed source binaries, or in obfuscated source code, or in your CPU hardware, or even injected covertly by your copy of GCC when it recognises encryption code. They might be mathematical backdoors, hidden inside well-known ciphers that are generally thought to be secure. There's the old story about DES, and how the NSA improved the cipher, but refused to say exactly why the new version was better... Don't trust anyone, especially if their name is a three letter acronym! :)