back to article PGP disk encrypt approved by MoD for military use

The UK MoD has certified PGP Corporation's whole disk encryption technology as suitable for use on British military computers. However, like most software-only solutions, it has been approved only for machines holding fairly low-level information. PGP Whole Disk Encryption had previously passed the UK government's baseline …


This topic is closed for new posts.
  1. Richard 51

    not usually the technology thats the flaw

    Its the humans, leaving papers on the train for example.

    It would be nice to know how big a super computer you would need to break pgp disk encryption !

    1. BeachBoy

      To Crack PGP .....

      My guess is about the size of one of the ones the boys in Cheltenham have

    2. Christoph

      Not a problem

      If they can break PGP they will take extreme care not to let anyone know that they can.

      So they are not going to use it for something like persecuting individuals, just in case it became apparent how they got the information.

  2. Charles 9 Silver badge
    Thumb Up

    Overabundance of caution.

    When it comes to any kind of generally-restricted (as in not to be exposed to everyone) information, I would prefer any firm or agency to exercise an overabundance of caution. It would be preferred if NO ONE was able to use it than the WRONG PERSON was able to use it.

  3. Robin Szemeti

    Same level as BitLurker?

    I'm somewhat suprised that PGP and BitLurker get the same rating ... it would be interesting to know what hoops PGP would have to jump through to get the next level.

    personally, given the track record, I'd not trust a closed source disk encryption product, especially one from an outfit with repeated security fails like MS.

    1. Anonymous Coward
      Anonymous Coward

      Closed source?

      MS is not closed source if you are a government or any company over a trivial size.

      Also you seem to be another person suggesting that BitLocker isn't very good, while failing to mention why? I would genuinely like to know if there is anything specifically wrong with it.

      1. Gulfie
        Thumb Up

        Re: Closed Source

        The implication wasn't aimed at BitLocker; more at the company that has written the BitLocker software, and their reputation for security... tarnished by association, and all that!

    2. Anonymous Coward


      When PGP comes with the required additional hardware. Read the article, it's all there....

  4. Tom 7 Silver badge


    Its nice to know we're going to be paying a lot of tax money to PGP that we could have saved using the GPL'ed equivalents. Wouldn't want all that lovely money going to the bankers - best piss it up a different wall.

  5. ph3d


    so bitlocker has been broken wide open and its still in use for restricted level 3 docs....

    ....cant say im suprised to be honest..

    1. Anonymous Coward
      Anonymous Coward


      Has it? When? can you post a link?

      1. Simon C
        Thumb Up


        1. Anonymous Coward
          Anonymous Coward


          That's hardly blown wide open now, is it?

          The attack methods described require intimate access to the machine running bit locker on at least one occasion prior to the attack. While it is interesting, this sort of thing would work against most, if not all other encryption packages.

        2. Chris Miller

          Nothing to see here

          All that report shows is that when you let bad guys have physical access to your hardware (twice), it's game over. As it would be with pretty much any security product.

  6. Anonymous Coward


    In my experience, level 3 stuff is pretty mediocre anyway. RAF Chislewick plans to resurface the runway; RAF Little Hampton needs a new astroturf for the hockey pitch; etc. I suppose some poor office monkey somewhere had to classify them and plumped for the safe option.

    AC, but if I'm screwed over with the Official Secrets Act for telling you THAT...!

    Mine's the one with polonium-210 in the pocket.

  7. Red Bren

    Not Apple users then

    Still no Snow Leopard support from PGP

    1. Benny

      The Beta

      version works a treat, it just decrypts after 30 days

      1. Red Bren

        That's reassuring but...

        I didn't want to upgrade SL and PGP10, then find a problem. So I'm stuck with Leopard and PGP9 until the next release.

    2. Anonymous Coward
      Anonymous Coward

      Is OS X certified?

      Are any Apple OS's certified for use with classified information? If not, then it's not an issue as the information won't be on the Apple computer in the first place.

      If someone did have classified information on a computer with an uncertified OS, then they probably wouldn't be that bothered about whether or not their encryption package was certified too.

  8. JP19


    How can this recommendation be reported to the public?

    These guys still run their systems under windows NT


    1. Anonymous Coward

      yes NT4

      Yes, Only because HP/EDS have carefully set the virus scan to run immediately on login, so you sit there for an hour in the morning waiting for the virus scan to complete before you can use the workstation, then when you try to load outlook (97) you get the error message "system is running low on virtual memory".

      You don't actually believe that they would let anyone USE the NT workstations do you?

      (Nope theres no noise outside, and thats not a black helicopter)

  9. Anonymous Coward
    Anonymous Coward's a secret

    The usual blurb from the Register that stuff at SECRET level isn't particurly interesting, spoken/written by someone that's probably had little to do with protectively marked data.

    Au contraire mon ami, somestime stuff at lower levels *is* interesting but I can't tell you what, because I'd have to kill you.

    You really need to ditch this attitude that the MoD is paranoid and protectively marks data when it doesn't need to be. However, I will admit, that some stuff at restricted shouldn't be marked so, but then again...some stuff should be.

  10. Stuart 22 Silver badge

    So you think you can de-crypt this?

    @AC "In my experience, level 3 stuff is pretty mediocre anyway. RAF Chislewick plans to resurface the runway; RAF Little Hampton needs a new astroturf for the hockey pitch; etc. I suppose some poor office monkey somewhere had to classify them and plumped for the safe option."

    Or deliberate? - I guess a fair chunk of Russian/Chinese/American de-crypto hardware is slowly discovering that. Getting the enemy to target the wrong stuff is one of the most valuable ways of protecting the 'crown jewels'. Indeed the best security is that that can't be noticed ...

  11. Daniel 1

    I've got it on this laptop I'm using, now

    Yeah, we could employ our own disc-encryption technicians, and use the original GPL-licensed products, and do it all ourselves - but in a way, you're just inventing your own brand of 'proprietary'. Support for disc encryption that does not seriously impact machine performance across thousands of laptops, of dozens of different models, across multiple international sites, is decidedly non-trivial.

    How many of the commenters, on this story are typing on machines with full-disc encryption in place, I wonder? If you are (and you installed it all yourself from source) how long did it take? If you don't think it took you that long, then I have a proposition for you: we have 2,600+ laptop users, across nine different sites in the UK. Some of them have more than one laptop... Care to drop by and replace the PGP full-disc, on all of them, with your free alternative? We'll want at least three year's support thrown in. How about we start next Thursday at our Merseyside depot? I must tell you, if you are successful, we also have offices in Malaysia, Cyprus and California, among other places, with about another 1,500 laptops. Unfortunately, you won't get to see to much of the local nightlife, because you'll be too busy installing encryption software...

    PGP may be expensive, but at least the actual source code is available on line, unlike Bitlocker. You offload the support overheads and reduce the 'bus-factor' inherent in employing your own specialists - and most importantly, you can assure any external auditing body that a stolen machine was secured using a recognised product, from a specialist supplier, rather than just some roll-your-own solution installed at your 'say-so'.

    That company you keep hearing about having it's laptops stolen? That's us. You get to hear about our laptops being stolen, partly because we have so many of the damn things, but mostly because we can dare to own up to the fact that they've been stolen. Ironically enough, we're probably one of the few commercial companies, with a UK arm, that deploys the kind of hardware that could force-decrypt one of the things. Fortunately for the spooks, all our spooky hardware is too busy paying the payrolls and pensions schemes of Police forces, the NHS, county councils, and - yes - the military.

    I certainly think this is a step up, in securing military laptops, from slinging them in the sea from the decks of cross-channel ferries!

    1. Anonymous Coward

      Daniel 1 - What's with all this travelling to install full disc encryption?

      I work in an organisation that has well over 10 times (could be 20 times) your 2,600 laptops and full disc encryption was rolled out recently without manual involvement from either the techs or the users (beyond clicking on a button and thinking up a passphrase). There were a small number of problems that required manual intervention but these were mainly caused by users messing with their laptop configurations (ie.things like dual-booting - which is specifically not supported and non-standard partition layouts).

      1. Anonymous Coward

        That's assuming that...

        the laptops are connected to a network. An 'R' laptop can only be connected to an 'R' network, so if you users are remote and you don't have the required infrastructure to connect to these machines then you are bit screwed. We have 'R' machines but no remote 'R' network connectivity - makes software installation a bit trickier.

        If yours is an 'R' (or higher) infrastructure then congratulations (and I am impressed) but don't assume that is the case for all MOD restricted devices.

  12. Anonymous Coward

    This is not a title

    "Unless you think that the Russian FSB are going to lift your crypto keys right out of your RAM using a miracle Tempest probe from the next hotel room"

    I take it that you're still under the illusion that Spooks is entirely fake? When will people realise that Section D is a real (and major) part of our intelligence agencies?

    1. Anonymous Coward
      Black Helicopters

      Ah, but...

      ... what gives them away is that you never see them sit down and look at the intelligence. Ad do the real spooks have such snazzy systems? I can't see Sir Humphrey shelling out for all that eye candy!

  13. amanfromMars 1 Silver badge

    The Delusional State of Military Affairs.

    "experience suggests that in fact nothing terribly interesting is normally to be found in MoD files even at the SECRET level, let alone CONFIDENTIAL, and maybe they could relax a bit." .... Quite so, Lewis, but they do like to think of themselves as heroes rather than zeroes

  14. Martin 6 Silver badge


    Runway resurfacing would be properly protected - it's commercially sensitive.

    Restricted is just personal detail stuff - like the names, adresses, social security numbers and passport details of everybody who had ever expressed an interest in joining the army. Stuff that couldn't possibly be of use to the enemy.

    This must now be PGP encrypted with the password (which should be either "password" or "secret") written on a post-it note and stuck onto the CD or laptop.

    1. Anonymous Coward

      are you sure....

      'Restricted is just personal detail stuff'...

      Erm....wrong. Lots of information can be classified as restricted and hence handled as IL3, and in fact quite a lot of the information you listed isn't even Restricted - it would be PROTECT - PERSONAL (IL2),although it may be handled as IL3 if lots of it exists in one place (aggregation rules).

      The guidelines for restricted are clearly defined (I will assume you know where) and specific information classifications regarding individual projects on which the public may work are defined in the SAL - where they may decide, for example, to say that the Name of the head of the project is restricted, or the location, or anything. The fact that YOU may have only come into contact with information (maybe in a project) which was classified as R, and that included only personal stuff does not make it a rule.

  15. Hatan Skaaf

    RAF Chislewick

    The AC above must have inside knowledge - I can't find RAF Chislewick. It must be a TOP SECRET base. For black helicopters. So it won't have a runway... Or something...

  16. Martin 6 Silver badge

    Closed source?

    >MS is not closed source if you are a government or any company over a trivial size.

    Yes you can get a license to view the source code yourself.

    But not hand it out to every crypto researcher in every university to look for vulnerabilities.

    You can't recompile and replace the signed code running in the windows kernel - so you have no idea if the source you have been given is the code that is running.

    You don't know if the next windows update will replace the code with a version that has a backdoor.

    Paranoid? Yes - it's also paranoid to think that somebody is going to attack you, but they still let the army have guns.

    1. Mike007


      if you have the source you can compile and sign it yourself if you're that paranoid...

  17. Lou Gosselin

    Security Levels

    Any software, no matter what it's merits, is only as secure as the operating system.

    If the OS is compromised, then so is the encrypted data.

    It makes sense that a software only product has a maximum security rating. Making software stronger only means that the software is no longer the weakest link.

    Higher security (above that of the windows OS) require hardware encryption.

    All security products are vulnerable to physical access. An attacker can simply place a bug to record all passwords/fingerprints/etc. One time key generators are the only way to defeat these "bugs" and even these can be "burrowed" along with the machine.

  18. Anonymous Coward

    Don't store stuff

    Nothing should be on the laptop except a method to very securely attach to your servers to access those files which should never be anywhere near top secret. The military et al should not be working from home or dragging files all over the place. The strength of encryption should always match the value of the data and the length of time the data is useful to a dodgy third party. If you slap those large keys around someone will crack them eventually.

    1. sandman

      Connection problems

      I can envisage a number of scenarios where you might want to access restricted documents but not be able to connect to a server. Shall we start with something mundane like looking up vehicle or weapon repair details somewhere in the field. We might go on to looking at pictures of suspects in a hide somewhere in the middle of nowhere. Then of course there is the scenario where there are no servers left to access, but I think that's called a "worse case scenario".

      1. phoenix

        Amazingly enough

        we managed operations in Ireland and other far flung places without resort to such needs and often with greater success than we are achieving now. IT cannot solve everything and sometimes it is a total crap crutch. As for field repairs - anything that needs a manual is sent back to the manfacturer and you should know your weapons (small to medium arms) backward.

    2. Gulfie

      And then again...

      You could equally argue the case that there should be "no external access" to any hardware holding (say) Secret and above. Stalemate.

      Actually what you should be doing is deciding on a case by case basis, and having appropriate policies and processes in place to support the need to take copies of protected documents (paper or eletronic) off site.

      IronKey! And no, I don't get commission...

  19. Anonymous Coward

    So just to be clear...

    If they put software encryption on a UK-R machine or other physical protection on a machine with higher classification (not connecting to lower classification networks would be a start) then they're being paranoid but if a machine goes missing with such data on it (regardless of the encryption employed), they're being lax?

    When do you start as tech correspondent for the News of the World?

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2022