Resisting the PGP Whole Disk Encryption Craze 480
alaederach writes "I run a lab in a non-profit academic life sciences research institute. Our IT recently decided it would be a good idea to use PGP whole disk encryption on all of our computers, laptops and servers and picked PGP's suite of software. The main reason is that a small subset of our researchers work with patient information which we obviously are mandated to keep confidential. My lab does a lot of high-performance computational work (on genes from Tetrahymena, no humans here) and I am concerned that the overhead of complying with our ITs new security policy will be quite detrimental to my research program. For example, dynamically reallocating a partition on a PGP encrypted disk is apparently not possible. Furthermore, there is some evidence that certain forms of compression are also incompatible with PGP whole disk encryption. Interestingly, it is hard to find any negative articles on PGP, probably because most of them are written by IT pros who are only focused on the security, and not usability. I therefore ask the Slashdot community, what are the disadvantages of PGP in terms of performance, Linux, and high-performance computational research?"
Re:Encryption is good for security, bad for perfor (Score:2, Funny)
FileVault (Score:1, Funny)
Problem solved. That will be $1000.
Re:Repeat after me (Score:5, Funny)
"Marketing is not a science even if its an Open Source project"
Re:People misunderstanding the question... (Score:4, Funny)
His lab works with a protozoa, and has massive computational requirements. There will never be any patient data near his lab...
Crikey Alaederach! Get that encryption software installed pronto. Your personal details are already being leaked on to the web!
Re:People misunderstanding the question... (Score:1, Funny)
In the Right World, where all things are Right, and all people only think the Right thing at all times, $IT_DEPT wins.
What will happen here is anyone's guess, but really all $USER needs to do is adapt to a changed environment, which is never, never as difficult as designing that environment in the first place. $USER doesn't know how good he's got it.
Re:Repeat after me (Score:2, Funny)
"Marketing is not a science even if its an Open Source project"
Run some tests on a drive. Run TrueCrypt, re-run the tests, look the difference in CPU load and performance and then try and work out where the 1% number comes from.
Personally I think its based on averaging time across when you aren't using the machine.
Re:Encryption is good for security, bad for perfor (Score:2, Funny)
The other thing I cannot understand is why anyone would want to run whole-disk encryption on a compute server. Even the US DoD machines that are used for classified research do not do this!
The DoD has tanks, fighter-bombers and men with M-16s to keep their servers secure. Encryption isn't as necessary for them.
LK
Re:People misunderstanding the question... (Score:2, Funny)
Re:People misunderstanding the question... (Score:1, Funny)
I'm a Protozoa.. (Score:2, Funny)
I don't want my data leaked, thank you very much!
Re:People misunderstanding the question... (Score:3, Funny)
...network administrator...the policy stands unbreakable, period. There is no compromise.....
the user's needs are seen to
You say the security policy is unbreakable but your let users touch the network. You my friend live on the EDGE! There's no way I'm letting actual users get anywhere near my secure network.
Re:People misunderstanding the question... (Score:3, Funny)