Ox Locks (or PGP no more!)
I’ve been putting up with the commercial version of PGP for OS/X for some time now — chiefly so that I would have a reliable, military-grade encryption of virtual disks. PGP looks great at first blush and, usually, works great too. Unfortunately, it’s commercial, getting more expensive and lately it’s been plagued by a number of problems.
After my latest bout of issues trying to convince PGP for OS/X to “do the right thing” when it comes to email encryption, I gave up. Along the way, I also uncovered quite a few complaints from others — ranging from disabled sleep modes to wholesale issues with disk access. I wouldn’t doubt it. PGP installs quite a few hooks into the system and I, for one, am happy to see it go.
So what am I using instead? Knox offers an inexpensive and unintrusive solution. It installs as a lightweight system menu item and uses OS/X’s encrypted disk images to protect your data. I think it’s much easier to use than PGP and, by virtue of not tying itself into OS/X at every level, is more portable and easier to manage. It also has a handful of great features, such as backup support, Spotlight integration and iPod integration (as long as your encrypted disk images aren’t too big). And, unlike PGP, it uses sparse disk images (that is, the virtual encrypted disk grows as you fill it up, or shrinks as you delete files). PGP, on the other hand, has a fixed-size image.
Knox does not support email or iChat conversation encryption, both features of PGP. Fortunately, in the past few years, OS/X Mail and iChat have both introduced full support for encrypted communication. Best of all, using the open standards of Mail and a Thawte certificate, you don’t have to ask everyone you email to run out and by a copy of PGP so they can decrypt your mail.
