PGP Desktop Home 9
PGP Desktop Home 9 has emerged as a powerhouse of a personal-security product after surviving ownership by four different companies, a US-government munitions lawsuit (dismissed), and benign neglect. PGP was released as Pretty Good Privacy in 1991. Ever since, PGP has worked best at encrypting communications. It’s been less successful at making encryption approachable for normal human beings.
This latest version of the product makes it much easier for average folk to ensure their communications and documents remain obscured from unintended eyes. PGP Personal 8 was a solid program that could deliver powerful and reliable encryption, but it had a confusing interface. Version 9.0.1 improves the interface by consolidating it into a single PGP Desktop window. It also eases encryption through a new proxy process, and can now encrypt instant-message chats.
Public key at the centre
At its heart, PGP Desktop manages very long encryption keys that protect your data en route. PGP uses public-key cryptography to enclose your documents, email messages, virtual disks, and instant message (IM) sessions in a so-far unbreakable wrapper.
In public-key cryptography, you create two keys as a pair; PGP provides a wizard to assist in making this pair. The private key is kept secure through a passphrase and stored on your computer. The public key should be widely distributed to people who will be sending you encrypted items. If someone sends you a message encrypted with your public key, it can be decrypted only with your private key.
PGP Desktop creates, manages, publishes, and retrieves public keys; encrypts and decrypts documents, discs, or clipboard text with those keys; and uses those keys to sign or verify documents or the clipboard.
Email safety, with benefits
PGP Desktop Home 9’s email encryption is now based on proxying, so PGP relays messages between any email program that uses common email protocols (POP, SMTP, or IMAP) and your Internet service provider’s mail server. This relieves the company of having to provide plug-ins for each email program, and it makes the program much more flexible and more thoroughly protective.
Because PGP Desktop Home 9 acts as a proxy, it can now act on the contents of your email using rules you define and a few rules PGP has included. For instance, the program can automatically encrypt any outgoing email message that you mark with ‘PGP’ in the subject line. And PGP decrypts incoming messages before they reach your inbox. (PGP Desktop Professional, priced for larger implementations, has a few additional features designed for corporate networks.)
More importantly, PGP can create an encrypted tunnel between itself and an ISP that offers secure email connections. This encrypted tunnel relies on Secure Sockets Layer (SSL), the same technique used for secure Web sessions, but it’s erratically implemented in email clients and mail servers alike. PGP spans these differences using technology from the company’s high-end Universal Server. In essence, it just works and you don’t have to pull hair figuring out how to make it work.
The flaw in PGP’s method is that the program attempts to make a secure connection by default. If you already employ some form of secure email, your connection will fail, and the messages reporting the failure are inexact. The setup process should take into account that a user might have a secure connection and offer appropriate setup advice.
Keep chats private
The new support in PGP for encrypting AIM and iChat sessions is adequate, and better than other encrypted alternatives. All participants must have PGP Desktop installed to take advantage of this feature. The software protects chats between two people, and the files they transfer between them, but not audio and video or multi-person text instant messaging (IM).
One ease-of-use problem here is that the tools for handling IM don’t appear in the PGP Desktop window as a separate item under the PGP Messaging option. Instead, IM options are in the Preferences dialog’s Messaging pane, scattered about in the main window, and in an additional Advanced dialog.
PGP Desktop also includes its long-standing support for encrypted virtual disks. These disks are just like a normal disk image, but their contents are encrypted, so when you mount an encrypted virtual disk, you can’t use it without a key. Apple’s Disk Utility can create similar disks, but PGP Desktop provides lots of options for security, such as the dangerous, but potentially useful, ability to unmount a virtual disk even if some of its files are open.
PGP Desktop users can also verify that documents actually came from the person who created them, and vice versa. When you sign a document in PGP by selecting it via File > Sign, a recipient of that signed file can verify both that the contents of the document are unchanged and that you, and not someone else, sent the file.
PGP Desktop Home 9 is still not for everyone - you must have a real need for encryption to get use from it. But for the large audience PGP applies to, the program has never been more useful or relevant, or less intrusive. This product’s room to improve is around its ambitious edges.