Seagate To Encrypt Data On Hard Drives 321
Krishna Dagli writes "Seagate, using their new DriveTrust Technology, will automatically encrypt every bit of data stored on the hard drive and require users to have a key, or password, before being able to access the disk drive."
Proprietary algorithm. (Score:2, Interesting)
Re:Wow (Score:3, Interesting)
Good thing people have backup systems in case their mobile computer gets stolen or faces some other mishap.
Really, if you've got valuable enough data to be encrypting it, you'd be nuts to not have it properly backed up as well. Though I guess bad decisions happen...
Progressive decoding (Score:3, Interesting)
Roadmap To DRM'd PC (Score:3, Interesting)
It's not about end-user encryption, it's about the OS using encryption in some form to eliminate your personal freedoms.
The price will be right though, so most users won't know or care.
The DRM noose around the average user's neck is being sold like a nice, new necktie. Most users will have one in 3-5 years. Then it is only a matter of tightening the noose. If you want it loosened, pay and pay some more.
Finally, there is no market mechanism so the price of loosening the noose around your neck is made by the producer. (A price maker: http://en.wikipedia.org/wiki/Monopoly#Coercive_mo
If you value your personal freedom, you will switch to something freer, then you will tell your friends and help them to do the same. Perhaps a Linux or BSD desktop is a good start.
Re:Next time RIAA asks your HD... (Score:3, Interesting)
If you actually care about protection from governments, legal actions from private parties, or malicious foreign entities that may otherwise acquire keys that Seagate program onto drives, you'd have to use a mechanism where you know the key isn't provided by an external party.
Note this is based on assumptions (article was light on details), but based on what I know about the industry, the encryption being always-on and the actual key encrypting the data being static per drive seems a likely outcome, as it satisfies most all business needs with the least amount of effort on laptop manufacturers and IT departments that use hard drive passwords in the present.
Troubling implications (Score:3, Interesting)
I also am concerned about the DRM implications of this. Could for instance, in the future, the disk perhaps allow Windows to request that an NTFS filesystem be locked and Linux not be allowed to access it? Could this be used by Microsoft to lock open source programs out of reading data from other programs?
Re:No back doors? (Score:3, Interesting)
To meet any reasonsable security policy one would need a "yes" to each of the questions: Is the source code for the encryption routines provided? Is a complete API provided? And can the owner of the hardware verifiably replace every digital key in the device?
If the answer to any of these is no, I would have to assume it is backdoored and maybe part of a DRM scheme.
Remote access *is* a consideration. (Score:3, Interesting)
All of these solutions are mostly aimed at PCs used by users right at the local console, but I could see a lot of good reasons for wanting encryption on a server, or other colocated computer. Or maybe I just want to make sure that my desktop workstation doesn't hang forever after a power outage, waiting for someone to put a password in on its local console.
It would be nice if there was a way to mount one of these drives by giving it a password over a secure networked connection.
I guess the way to do it would be to put the root filesystem (hopefully not containing any sensitive data) on an unencrypted drive/partition, and then letting the machine boot from that, and then prompting for a password when it wants to load the drive or partition that contains user data (/home or whatever you prefer). Maybe you could keep a small solid-state flash drive that would maintain a minimal system, just enough to boot the machine and provide network services, and then from there allow you to mount the hardware-encrypted drive. That wouldn't require you to have two complete drives.
Alternately, maybe one of those drive+flash combo units that they're talking about pushing now, could offer features like that. Keep enough of the system on the flash (unencrypted) to bootstrap the machine to a point where you could safely authenticate remotely, and bring up the encrypted portions of the drive.
On Windows systems that mostly keep the user data on the same drive and partition as the system, I don't see an elegant way to do this. But I guess that's just a reflection that no matter how many ways you try to dress it up, Windows is really designed to be a single-user, locally-operated system, at least in most configurations and common flavors.
Re:No back doors? (Score:3, Interesting)
Umm, I'm guessing people who realized it was insightful.
The closest the US gov't has come to regulating the domestic use of encryption was the aborted "clipper chip" fiasco. Traditionally government spooks have relied upon the eggheads at the NSA to be one step ahead of civilian encryption, not secretly leaning on manufacturers to force them to put in back doors.
Riiiiiight. And I'm guessing they take encryption a lot less seriously than paper printed on laserjets. Right? You know, where they are in bed with the inkjet/laserjet printer manufacturers that secretly print out the serial number of the printer [eff.org], and the date on each page they print.
If you think the government is worried about counterfeiting, but not encryption, I've got a bridge to sell you.