Mac Security: Privacy
Third-Party Privacy Tools
When it comes to encrypting your files or keeping your communications confidential as they traverse the Net, there are several third-party apps that can substantially supplement OS X’s built-in tools.
Protecting Your Files If neither FileVault nor an encrypted disk image suits your needs, you should consider a third-party encryption program instead.
Numerous Mac programs can encrypt individual files or folders (or create “vaults,” often in the form of proprietary disk images, for holding multiple files). Examples are Intego’s $40 FileGuard X5, Marko Karppinen’s $30 Knox ( ), PGP Desktop Home ($99; ), and Smith Micro’s $80 StuffIt Deluxe ( ).
These programs typically offer greater flexibility and more features than either FileVault or Disk Utility.
For example, StuffIt Deluxe not only encrypts but also compresses your files. PGP Desktop Home can also encrypt e-mail and instant messages (a new version of that program should be available by the time you read this; see Macworld.com for our review after it comes out). You can set FileGuard to securely overwrite the original versions of your files automatically when they’re copied to an encrypted image.
If you want to encrypt an entire volume (other than your startup volume), consider the free, open-source TrueCrypt, which can also create hidden encrypted volumes. Two products can encrypt an entire Mac startup volume: Check Point Full Disk Encryption ($120) and PGP’s Whole Disk Encryption ($119). Check Point Full Disk Encryption is geared toward corporate customers who buy in volume, while PGP Whole Disk Encryption is readily available to individual consumers.
Protecting Your Communications If you want to be absolutely certain that a message will get to its destination without being read by anyone else, but don’t want to jump through the hoops Apple Mail requires, look for a third-party option. Your best bet is software based on PGP (Pretty Good Privacy), a widely used, platform-neutral encryption system.
The commercial version of PGP, PGP Desktop Home, lets you sign and encrypt e-mail messages with just a few clicks; it also ensures that all your e-mail accounts use SSL. (Your correspondents must also be using some version of PGP.)
Alternatively, you might try the free, open-source Mac GNU Privacy Guard (or Mac GPG for short). Mac GPG lacks many of PGP Desktop Home’s snazzier features. It also requires the installation of several different packages and takes a little bit of effort to set up. (For example, to use it with Mail, you’ll need a separate open-source add-on called GPGMail, the Leopard version of which is still in beta.) But it’s compatible with PGP and makes a good, inexpensive way to get started with e-mail encryption.
For most users, simple approaches (perhaps even using OS X’s built-in software) are more than enough to protect privacy. Secure your e-mail with SSL and your iChats with MobileMe encryption, and either create an encrypted disk image to hold sensitive files or use FileVault to encrypt all your personal documents. If you need more power or flexibility, try a third-party program, but be sure to download a demo version and give it a thorough tryout before buying it. Even the most powerful encryption software does you no good if using it turns out to be so cumbersome that you avoid it.