Protecting the privacy of your e-mail messages and e-shopping may sound daunting, but starting this week you can get some assurance from security expert Network Associates. The company is selling McAfee PGP Personal Privacy 6.5.1 for $19.95.
PGP, which stands for Pretty Good Privacy, is an encryption tool that combines symmetric and public key encryption. It is free from the Massachusetts Institute of Technology Web site.
Personal Privacy 6.5.1 is McAfee's own version of PGP that adds some extra tools for encrypting just about anything.
With a base key level of encryption at 4906 bits, PGP goes far beyond the security levels in most encryption software, according to McAfee representatives.
"Basically anything less than 128-bit can be broken pretty easily," says Lisa Citron, product marketing manager for McAfee. "Until processor speeds get really fast, no one's going to crack that encryption without significant effort."
Browsers often come with low-level 40-bit encryption keys, which a hacker can break relatively easily, Citron says. The more bits in the key, the more secure your data will be.
McAfee's new product is not restricted from U.S. export, as products higher than 56 bits in key length were until last week. The White House has approved export of encryption products of any length, except to a handful of countries considered terrorist states.
Marketing to Fear
McAfee has added Automated Electronic Data Shredding, intended to keep hackers from recovering files you've deleted or files in the free space area of your hard drive. When you delete a file, the file name may disappear from the directory, but the data is still on your hard drive, Citron says.
"Automated Electronic Data Shredding shreds the hell out of a deleted file and no one could put it back together," Citron says. So you'd better make sure you'll never want to recover the files you shred.
Usually the recipient of an encrypted file needs a copy of the encrypting software to open it. McAfee's program provides Self-Decrypting Archives, so you can exchange information with people who don't have PGP.
To give someone your password so they can unscramble the encrypted message, you have to pick up the phone, send the password through regular mail, or use some other method than e-mail.
But this poses a problem: If you're afraid someone will intercept your e-mail, how secure do you believe your telephone line or snail mail is?
The fear of security breaches is genuine, and drives a $3.2 billion worldwide market for Internet security software. That's up 43 percent from 1997 to 1998, according to International Data Corporation.
Most e-commerce sites have firewalls to protect servers and encrypt transaction information, according to a Jupiter Communications study. But security measures can fail to protect you from openings in Web servers, bugs in software, or code programmed internally, the study notes.
McAfee's PGP addresses these concerns by letting you create an invisible password-protected drive on your computer to protect information, Citron says.