Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Security

Submission + - Undocumented Backdoor in PGP Whole Disk Encryption (blogspot.com)

A non-mouse Coward writes: PGP Corporation's widely adopted Whole Disk Encryption product apparently has an encryption bypass feature that allows an encrypted drive to be accessed without the boot-up passphrase challenge dialog, leaving data in a vulnerable state if the drive is stolen when the bypass feature is enabled. The feature is also apparently not in the documentation that ships with the PGP product, nor the publicly available documentation on their website, but only mentioned briefly in the customer knowledge base (PGP customer account required). Jon Callas, CTO and CSO of PGP Corp., responded that this feature was required by unnamed customers and that competing products have similar "dangerous" functionality. There is still no official word from PGP as to why the public documentation withheld recognition of this risky option.

Slashdot Top Deals

When a fellow says, "It ain't the money but the principle of the thing," it's the money. -- Kim Hubbard

Working...