Seagate To Encrypt Data On Hard Drives

Krishna Dagli writes "Seagate, using their new DriveTrust Technology, will automatically encrypt every bit of data stored on the hard drive and require users to have a key, or password, before being able to access the disk drive."

No back doors?

[pieterh]

Seems unlikely.

Would Seagate really attempt to market a drive that was going to protect pedophiles and terrorists? (Not to mention us ordinary citizens who don't wholly and utterly trust the organs of the state to act systematically in our best interests.)

If so, it's a brave move. But somehow it just seems so unlikely...

Re:

[dilute]

You betchum. This is not going to last long enough to make it to market witout a back door for "National Security". No way, no how.

Re:

[Anonymous Coward]

>Tin hat Even if they claim to use an industry standard encryption .. I still wont know if the key can be secretly stored in a retrievable fashion in a EEPROM on the HDD hardware. Where are these drives made?

The best security IMHO is linux with GPG and mix 'n matched off the shelf hardware. This way the HDD doesnt know what/where the encryption key is, or even that the data is being encrypted.

In my opinion, mass distributed software based encryption is easier to trust (because it's easier to verify the i

Re:

[pilgrim23]

when you need to hack the encryption...remember: Think of the Children!

Re:

[aarku]

Backdoors are the reverse of doomsday devices. In the words of Doctor Stangelove:

Of course, the whole point of a Doomsday Machine is lost, if you *keep* it a *secret*! Why didn't you tell the world, EH?

The whole point of a backdoor is to keep it a secret! And it's pretty darn hard to disprove something's existence.

Re:

[QCompson]

Would Seagate really attempt to market a drive that was going to protect pedophiles and terrorists?

Of course, some people might reasonably believe encrypted hard drives such as this could help stop the corporate data leak of private customer information. But alas, hysteria rules the day.

I fear that at some point Joe Public will think "encryption = pedophiles and terrorists". Maybe that's already the case.

Re:

[Gilmoure]

DHS has mandated all government laptops with PII need to have encryption on them. Hard drive encryption just means it'll be faster and easier to implement.

Yes

[unity100]

Just as the gun manufacturers manufacture guns that are as easily used by psychopaths as they are used by legitimate owners.

Re:

[strider44]

2) to defend against a corrupt government, to create a balance of power in the people. today that's not relevant since the gov has MUCH bigger guns. they have nukes, for crissakes! there is ZERO chance any group of people will be able to 'control the gov' with guns. just not gonna happen anymore. if you even try, you will find yourself dead or locked up anyway. you can't fight 'the man' this way.

Actually that's quite wrong. The difference is that you're for some reason expecting the populous to be fight

Re:

[quentin_quayle]

Whenever you see the word "trust" in name or catch-phrase for computer hardware these days, to tell whether it's really for security or whether it its for a DRM scheme, you have to ask, Who is trusting whom to de what?

To meet any reasonsable security policy one would need a "yes" to each of the questions: Is the source code for the encryption routines provided? Is a complete API provided? And can the owner of the hardware verifiably replace every digital key in the device?

If the answer to any of these is no

Re:

[IndigoZenith]

Calling Seagate Tech Support:

Seagate: Welcome to Seagate, the current wait time is... 12 days, 6 hours and 32 minutes.. please hold....

*Music Plays*
*12 days later*

Seagate Tech: Welcome to Seagate Tech Support, How can I assist you today?
Customer: hi ummm... I lost my password for this new Encrypted Hard Drive, can you help me?
Seagate: Sure can, ok at the prompt type the following: Lieutenant General Keith B. Alexander
Customer: hmmm ok, HEY!! it works thank you!!
Seagate: Not a problem, have a wo

Re:

[RageOfReason]

I knew Seagate was in league with the devil. Did you know that Seagate is an anagram of Teageas, the ancient Norse name for Lord of Darkness? Seagate should be ashamed of themselves putting the security of our nation, myself and my loved ones ones at risk. And for what? Sheer corporate greed - the bastards.

And while we're at it let's all stop using SSL and the like. Anyone who continues to do so is clearly a terroristic pedophile and may be gunned down in cold blood; better safe than sorry I say.

Re:

[Tweekster]

What is the penalty. Hand over your key...er wait what do you mean it doesnt work, seriously that is the key, i must have wrote it down wrong, DAMNIT.

Re:

[lawpoop]

You think that Seagate wouldn't have a copy of your key?

Key == serial number

[everphilski]

control panel, system, hardware, device manager ... ( i dont know, but it would make sense if they wanted to make a failsafe default )

Re:

[lawpoop]

I think that given the 'post-9/11' world we live in, there is no way the US government is going to allow Seagate to sell encryption technology that is totally under user control. When they are chasing down terrorists, why would they want to rely on the suspect for the key? Just call up Seagate and get it.

Re:

[LurkerXXX]

What fool modded this "insightful"?

Umm, I'm guessing people who realized it was insightful.

The closest the US gov't has come to regulating the domestic use of encryption was the aborted "clipper chip" fiasco. Traditionally government spooks have relied upon the eggheads at the NSA to be one step ahead of civilian encryption, not secretly leaning on manufacturers to force them to put in back doors.

Riiiiiight. And I'm guessing they take encryption a lot less seriously than paper printed on laserjets

Re:

[cortana]

5 years in prison.

Re:No back doors?

[walt-sjc]

Of course no discussion about back doors or prison is complete without linking to two.

Re:

[Tweekster]

"but i swear i wrote down the password on this piece of paper and put it in my safe, i have no idea why it doesnt work, is that an I or an L, crap. i knew I should have printed it instead of writing it by hand, my handwriting sucks"

Re:

[CastrTroy]

They have the RIP Act [wikipedia.org] in the UK that says you have to turn over your crypto keys on request. I don't know how well a law like that would fly in the United States. It kind of goes against the idea of not testifying against yourself, and having the right to remain silent. I don't know how the law got passed in the UK, but I imagine that the same could happen in the US.

Re:

[cortana]

I believe silence can be used as admission of guilt, but I only read it on the Internet so it may be a load of crap.

For the record, even though the RIP act has been law for some years now, the schedule under which contains the laws under which the police can demand decryption keys has not yet been made active.

Re:

[drinkypoo]

AFAIK in the US silence can only be used to justify suspicion. The whole point of the fifth amendment is that silence is not an admission of guilt.

Re:

[cortana]

But the downside to your country is that I can't watch DVDs over there without breaking the law. ;)

Re:

[ari_j]

The Supreme Court case law on silence is bizarre. It goes something like this - if you are silent before being advised of your right to remain silent, it can be used against you. If you invoke your right to remain silent and then later speak up, it can be used against you. If you invoke your right to an attorney after being advised that you have the right and then later speak up, it can't be used against you. So if you get arrested, tell them to advise you of your rights and then immediately demand an a

Re:

[evilviper]

if you are silent before being advised of your right to remain silent, it can be used against you

You mean before being arrested, I presume. Once you've been arrested, they immediately inform you of miranda, BECAUSE they can't use anything you say before that point.

If you invoke your right to remain silent and then later speak up, it can be used against you.

They don't gag you when you decide to remain silent. You can change your mind at any time, of course.

If you invoke your right to an attorney after bein

Re:No back doors?

[Lumpy]

Which is why smart people use something that give plausible deniability.

truecrypt [truecrypt.org] allows you to create a double encrypted volume. 2 passphrases. 1 - lets your torturers into a set of incriminating looking but innocent files, the other lets you into the real files. there is NO WAY to detect or extract the real files from the planted files.

look innocent to the coppers while you continue to hide the goodies.

looks even better if you have other things that use the same planted password and are your tax info ,etc...

Re:No back doors?

[perrin]

Truecrypt is a nice idea, except that if the interrogators find truecrypt on your harddisk, they may automatically assume you have a hidden volume inside your encrypted volume. It is only when truecrypt is distributed on your distro of choice by default, and is used there regularly to encrypt volumes without a hidden volume, that it provides plausible deniability.

Journaled Filesystems can give them away.

[SeaFox]

there is NO WAY to detect or extract the real files from the planted files.

Actually, if they monitor changes to the drive on the sector level, they would see the blocks of the hidden volume changing, which would make no sense if they exist in a section of the (outer) TrueCrypt volume that contain no files. And these changes would be visible on a journalling filesystem. So it's recommended you don't use one.

(this is all in the TrueCrypt FAQ's by the way)

Re:

[geekwithsoul]

No, the GOP likes pedophiles, or at least they do if they're in Congress. I don't know how they feel about terrorists in Congress :)

Re:

[LunaticTippy]

Studds fucked a page of the legal age of consent. That doesn't make him a pedophile.

Wow

[OverlordQ]

Laptop computers with DriveTrust-based hard drives would prompt users to type in a password before booting up the machine. Without the password, the hard drive would be useless, Seagate officials said.

Even data-recovery specialists would not be able to help if the assigned password somehow gets lost, said Scott Shimomura, a senior product marketing manager at Seagate.

Good thing passwords are never forgotten.

Re:

[interiot]

Good thing people have backup systems in case their mobile computer gets stolen or faces some other mishap.

Really, if you've got valuable enough data to be encrypting it, you'd be nuts to not have it properly backed up as well. Though I guess bad decisions happen...

Re:

[OverlordQ]

What % of home users actually do backups? I'm not talking about % of people on /. since that number will be vastly larger then if you sample JRandom "I broke the cup holder" User.

Re:

[orasio]

Home users?
Why would an "I broke the cupholder" home user use an encrypted drive?
Encryption takes some knowledge to actually work reliably, and the dumb home user that you invented for your own purposes (noone was talking about that) doesn't probably have it.

Re:

[jbarr]

So much for allowing my remote-access computer at home to auto-boot....

Remote access *is* a consideration.

[Kadin2048]

This is actually a very good point.

All of these solutions are mostly aimed at PCs used by users right at the local console, but I could see a lot of good reasons for wanting encryption on a server, or other colocated computer. Or maybe I just want to make sure that my desktop workstation doesn't hang forever after a power outage, waiting for someone to put a password in on its local console.

It would be nice if there was a way to mount one of these drives by giving it a password over a secure networked conne

Except...

[Junta]

That's just a token handshake between the drive controller board and the IDE/ATA controller. swap the drive's controller board and you could defeat it easily (or look at the platters). This tech actually implies encryption, which may be similar looking end-user wise, but harder to defeat (depending on their key management approach).

Re:

[jmorris42]

> About the technology - I *thought* some IBM notebooks were already doing encryption on the disk..

Nope. It just requires a password to get access to the drive. And it stores the password in a small eeprom inside the drive bubble so getting at it is a pita. There are several data recovery houses that will crack it for you, and they only require one of two things:

1. An invoice with the machine's serial number.

2. A request on letterhead of any law enforcement agency.

Safe against random stupid criminal

Mis-named

[proc_tarry]

DriveMisTrust sounds more like it.

Re:

[ergo98]

DriveMisTrust sounds more like it.

If you can feel relatively confident that a lost or stolen laptop (or desktop for that matter -- they get stolen too) will not in any way reveal confidental data, then I would say it gives you a lot more trust in the media, hence the name.

Re:

[proc_tarry]

I was thinking more of keeping my data private from the nefarious plans of others, and likewise our mis-trust of them. Because I need to OnStar car, ADT my home, V-chip my kids, and now DriveTrust my data. All to make me feel secure.

It's all irrational fear perpetrated by the bogeyman.

Proprietary algorithm.

[Gandalf_the_Beardy]

FTA: Though DriveTrust is proprietary.... Not much use unless it's published and described - unless they do that most serious users are going to discount it. I hope it's actually robust though as there will be an awful lot of people relying on this for home use. How many of them are going to have that nice warm fuzzy "I'm safe" feeling and therefore not bother with all the other good things like patching and spyware-awareness etc.

Re:

[udderly]

The way I see it, there will be a whole lot of people losing their data.

Most idiotic home users that I have the misfortune to deal with bring their computer to me when the hard drive is making horrible noises, Windows is broken or there some hardware problem.

Then, and only then, do they worry about how they're going to recover the five years worth of digital photos and financial information that they have never backed up. Since half of them don't even remember their email passwords, I highly doubt t

Re:

[nine-times]

The way I see it, there will be a couple people losing their data.

Most idiotic home users won't know enough about it to use this tech. Either they'll be specialty drives or it will require an added bit of voodoo to enable the features, but either way it won't be used on most systems. Most IT departments will be smart enough to know when to use this technology, and the rest will be too dumb to worry about technology at all.

There will be a few tinkerers who, out of misguided fantasies of being James Bond,

I thought AES is publishe?

[Lead Butthead]

while listening on KCBS on my way to work this morning, an burp length interview with Seagate claims the encryption used is AES.

Re:

[drinkypoo]

That's nice. We need the code for the implementation of AES so we know there's no backdoors or introduced flaws.

The technology isn't the news

[solevita]

The news should be that this was announced some time a go, but is still delayed. I've been reading press releases (such as this, sadly undated example [seagate.com]) since March of this year (yes, almost 8 months a go). No release date given in the article provided by the submitter, but I've heard rumours of Q2 2007.

This should be good when it's released, but I've long since stopped holding my breath.

Encryption vs ATA Security Mode

[Lord Ender]

Watch out when looking at disk protection software. Some companies, like Maxtor, sell security functionality (called DriveLock, among others), which is really just "ATA Security Mode." This is NOT encryption, it is a feature of the disks circuitry whereby the drive will not output any data until the "password" has been provided. Some drives even ship with default master passwords included. Maxtor's product even includes a "I lost my password!" feature, making the security of the product completely worthless

Re:

[CastrTroy]

I think it's much better to use something like truecrypt for hard drive compression, because you can scrutinize the code, and know that what you're getting is a secure product. However, I think it would be nice to have something like this if it would speed up the disk access. If there's a dedicated cryptoprocessor on the drive, to encrypt and decrypt the data, then performance could be a lot better than using your plain old CPU for the task.

Not in my IT department!

[bbernard]

Because I don't want the added lag of hardware en/decryption with every write/read.

Because I don't want one more password per computer that I, as an IT admin, need to keep track of.

Because I don't want even the operating system, swap, graphics, and music files encrypted.

Because new technology like this *never* causes any issues with the system's operation.

No, not in my IT department.

And maybe you don't need it..

[Vellmont]

Unless you're handing classified information, have employees take home thousands of credit cards on laptops, or thousands of medical records on laptops you're probbably not really the target for a drive like this.

If your company does handle this kind of data (or worse), maybe you should be re-examining your role as a sys-admin or manager. It's not all about making your life easier you know. There are of course risks and costs to maintaining a database of passwords, small performance costs for encrypting/decrypting the HD, and possible incompatibilities. There's also risks and costs associated with someone losing the laptop and the big headlines in the newspaper about how your company now looks like a bunch of ass-hats for losing 200,000 CC #s, 50,000 medical records, etc. Security and administration is about managing risk. If the overall risk is lower with this drive (and the price is right), you do it.

Re:

[Junta]

-added lag: probably insignificant particularly implemented in hardware. Software is for most people not noticable, if the hardware chip throughput can encrypt/decrypt at a rate that saturates platter read/write rate, no throughput penalties and the latency penalty is probable a couple of orders of maginitude smaller than the seek speed.

-That's why this is marketed towards laptops, and as an IT admin, Your policy should be fairly clear that laptop data recovery is best-effort (drives crash fairly frequentl

Re:Not in my IT department!

[JustASlashDotGuy]

Interesting... You don't want it in your IT Dept, yet we are eagerly awaiting it in our IT Dept. We're not going to go with the Seagate solution, however we are eagerly awaiting the release of Vista so we can take advantage of the BitLocker Encryption. I work for a CPA firm; privacy is pretty important.... especially when you have auditors in the field and the occasional laptop getting stolen. The slight slowness in full harddrive encryption is well worth the price. 99.9% of the users will never notice it.... Excel/Word isn't exactly a HD intensive application. And yes... in the past (5 years ago), we did full HD encryption and it wasn't bad at all (slowness wise). The only issues came into play if you wanted to remove the encyption, or if the drive started to fail and you wanted to boot off a boot disk to grab your data (it was possible, but cumbersome). Hopefully Vista's solution will be more robust. If the trials work out as we hope, full encryption firm wide will be the next step (possibly within 6 to 8 months).

Re:

[Billly Gates]

So you want to keep auditors out of your files.

Part of me does not like this because companies like Enron and Diebold would have a field day with this. No proof of anything and timb bombed documents protected by TCPA to delete evidence would make it impossible to prove guilt.

Re:

[booch]

Err, I think you mis-interpreted what he was saying. He was saying that the firm has auditors in the field, who need their laptops protected.

Re:Not in my IT department!

[JustASlashDotGuy]

So you want to keep auditors out of your files.

What? Sorry if that's the impression you got, I must have mis-typed. We aren't trying to keep auditors out of the files, we are trying to keep thieves out of the files. We've had laptops stolen while our auditors were out in the field before. The last thing we want is for our client's data to find its way into the wild. If we were working on your tax return, wouldn't you prefer that *if* it was copied to a laptop HD, that the laptop HD be encrypted? Protecting information if very important to us.

Encryption wouldn't have helped cover up Enron. Even if your drives were 100% encrypted, you still have paper copied the Feds could go after. Even if you shred all your paper (which would look very fishy, even in a 'paperless office'), you still have backup tapes. And if every single one of your backup tapes were encrypted AND you just happen to have 'forgot' the password to the tapes as well... well, I think the judge will have you for obstruction at that point.

Trust me.. accountants aren't the most tech savvy individuals. They just do their job and get the hell outta here. Enron and AA had some bad people at the top. A few bad apples which hurt a lot of very good people. They may have been very good at fudging some numbers, but when it comes to "tech savvy'ness".... well, there's a reason that in all the scandle movies.. the only things accounts know how to do is shred paper.

Re:

[bbernard]

My point is really more about this being an overkill solution, and poorly thought-out as well.

1. I've seen all sorts of problems with encrypting certain system files on a hard drive. Perhaps that's because the encryption has been software based, but key system files seem to have problems when encrypted.

2. How will you enforce strong passwords? How will you enforce password change policies? Can you even change the password once it has been set? If the user and IT agree on a passowrd, can we be sure tha

Re:NTFS EFS

[massysett]

Hey, JustA SlashDotGuy,

How about the Encrypting File System that's already available in Windows XP Pro? Just wondering how the BitLocker is something worth eagery awaiting...

Re:

[JustASlashDotGuy]

How about the Encrypting File System that's already available in Windows XP Pro? Just wondering how the BitLocker is something worth eagery awaiting...

To my knowledge, EFS doesn't allow you to encrypt the entire OS partition. We'd want the entire drive to be encrypted and I believe this is something allowed with BitLocker.

Re:

[CastrTroy]

Why are you waiting for Vista when you can encrypt your data now with TrueCrypt? I would trust something like this a lot more than Bitlocker from a recovery standpoint. With bitlocker, you have to rely on Windows to unlock the data. With Truecrypt, you could hook the drive up to a Linux machine and still be able to read the data. I'm not trying to start a Windows/Linux war here, I'm just saying you'd be much better off not trusting MS to properly encrypting your data without any back doors, and being al

Re:

[LordKronos]

Because I don't want even the operating system, swap, graphics, and music files encrypted.

If you don't want the swap encrypted, then why bother encrypting any of the data at all?

Next time RIAA asks your HD...

[Zaatxe]

... you can hand it to them with a grim smile on your face!

Re:

[neoform]

Uhh, this doesn't include plausible deniability.. if they _know_ the info is encrypted then they'll just make the judge tell you to give them the password.

you're much better off using something that cannot be identified as being encrypted.

Re:

[Zaatxe]

True, but I meant to be funny. I have no idea where this Insightful mod point came from!

Re:

[Junta]

And they will thank you and subpoena Seagate for the encryption key. I suspect they will try to be functionally compatible with the current hard drive password commands used commonly today, and that means the actual key would be stored permamently on the controller board, encrypted using your password, but if Seagate chose to retain that key themselves, you could still be in a world of hurt.

If you actually care about protection from governments, legal actions from private parties, or malicious foreign enti

No Thanks.

[bergeron76]

I don't need a harddrive that I could accidently lock myself out of.

Re:

[geoffspear]

This is exactly why I demanded that the dealer remove all of the locks when I bought a new car.

Actually I insisted he completely remove the doors, but he came up with some bullcrap about how the car would no longer be street legal and that he couldn't let me drive it off the lot.

Progressive decoding

[soft_guy]

There was a technique that was described on Slashdot a while ago that allowed you to turn over some crypto keys and it would decode a little bit more of the disk each time. That way, your opponent is never sure you have handed over all the keys and it makes it possible to hand over just enough keys to convince a judge. It would be nice if this drive supported that technique so that you would turn over just the first key if taken to court.

Roadmap To DRM'd PC

[mpapet]

This is one more step toward owning a computer you no longer control.

It's not about end-user encryption, it's about the OS using encryption in some form to eliminate your personal freedoms.

The price will be right though, so most users won't know or care.

The DRM noose around the average user's neck is being sold like a nice, new necktie. Most users will have one in 3-5 years. Then it is only a matter of tightening the noose. If you want it loosened, pay and pay some more.

Finally, there is no market mechanism so the price of loosening the noose around your neck is made by the producer. (A price maker: http://en.wikipedia.org/wiki/Monopoly#Coercive_mon opoly [wikipedia.org])

If you value your personal freedom, you will switch to something freer, then you will tell your friends and help them to do the same. Perhaps a Linux or BSD desktop is a good start.

Re:

[b0s0z0ku]

This is one more step toward owning a computer you no longer control.

The product mentioned in TFA is all about controlling your computer and your data and keeping unauthorised people from abusing it. What kind of crack is the parent smoking?!

-b.

Sign me up!

[ArcadeNut]

I'll take one for my laptop and several for my desktop machine (which sounds like it's not currently avaialble) as long as it is transparent to the OS and doesn't kill performance.

I deal with a lot of my customer's data from time to time and it would be nice to have extra safeguards in place IF my laptop or desktop machine was stolen. It would also be nice to be able to protect all my source code. Just because they can't log into the OS doesn't mean they can't copy the data off the drive. This would pre

The protection is not necessarily for YOUR data...

[awfar]

...but allow you to agree to someone else's password, oh, say RIAA,MPAA, etc.

This can keep YOU from accessing the data on the hard drive, you know, the data you gave away your rights for when you clicked that license or bought that TIVO, etc.

Simply couple that technology with Trusted Computing and you no longer control the hardware you payed for.

I am sure this is obvious to those already in-the-know, but is meant as a Public Service.

Good for Seagate, Bad for Users.

[nuckfuts]

There have been passwords available to lock access to IDE drives for some time now. While this is not the same thing as encryption I predict the same problems will arise from it, namely that users will lose access to their own data. When this happens you will have several choices:

1) Contact Seagate and ask for help. They'll tell you it's impossible to access the drive. After all, it's much better for them if you have to purchase a new one.
2) Contact some 3rd party service that is able to crack the drive. Si

Great in theory

[bogie]

We'll see if it's A) a real verifiable encryption standard being used and B) if they keep a back door open. The article hints that there is no "master" password and that if you lose your password your toast. If that's true then great, if not then this technology isn't worth a dam.

If on the positive side this does work as advertised then boy is there going to be a lot of teeth gnashing in the Fatherland.

Note to self: avoid Seagate HDs.

[Jerry]

and thus avoid the hassle.

First, the FEDS will require an NSA-type back door so that they can decipher the terrorists latest plots.

Second, unless you require a password for every HD sector accessed encryption will be just another pseudo-security pacifier, but making HDs more expensive - READ: more profits for HD manufacturers.

Third, blackhats will crack it in record time. The best security is a locked door or a good hammer.

Troubling implications

[Eravnrekaree]

I think encryption is better done in software, such as with GPG. Then at least we can read the software code, rather than relying on black box technology.

I also am concerned about the DRM implications of this. Could for instance, in the future, the disk perhaps allow Windows to request that an NTFS filesystem be locked and Linux not be allowed to access it? Could this be used by Microsoft to lock open source programs out of reading data from other programs?

No thanks

[Salsaman]

Great, as if hard drives weren't slow enough already - here comes an extra level of slowness to add to the mix. I guess I'll be avoiding Seagate drives in the future.

If I want to do encryption, I'll do it myself with a partition of my own choosing.

No-win

[jridley]

They'll have tens of thousands of users demanding that they "unlock" their drive. If there's no back door, not even data recovery services will be able to help, at any price. If there is a back door, it'll be disclosed eventually

Anyone who really wants encryption won't trust it regardless. I sure won't.

no 2nd hand PC market?

[MooseTick]

Will we even be able to reformat a drive that we don't know the password? If not, that kills the used computer market. At least now you can reformat and reload your OS if you get locked out.

This seems like something easy to brute force since most people won't use strong passwords anyway.

Regardless, I suspect this will be optional and 99% of users won't enable it. Those who already use a BIOS power on password will use it and few others will. As others have said, the first time someone at a company quit and

Did I step in to the Wayback Machine again?

[davmoo]

What's so amazing and new about this? Models of IBM Thinkpads came with an option for encrypted hard drives years ago. I know the Thinkpad 770 did it, because I have one.

And while I'm here, I'll nod in agreement with some of the other posts...especially in this era of George W. Brezhnev and his minions, I don't trust my encryption to anything that isn't open source and peer reviewed.

trolls?

[Anonymous Coward]

1. Use Stolen Template
2. ???
3. Gay!!!!

Re:

[ScentCone]

Take that MPAA....and RIAA...and NSA....and every other person who wants my bits.

Um, out of curiosity, how is this any different than any other form of data storate crypto, when it comes to a civil suit over whether your box's MAC address, etc., is clearly publishing copyrighted material a thousand "friends" you've never met before? Whether you're hiding data through drive-level encryption, or doing it with an app that runs a few layers farther up the stack, you're still going to have to face a court ord

The 5th...

[CrazedWalrus]

I am not a lawyer, so maybe someone who is can answer my question:

Given that:

1. The *IAA are pressing criminal charges.
2. Drive encryption keys are ideally only known to the user who owns the data.
3. Purden of proof is on the plaintiff.
4. The fifth amendment is still in full effect, so far as I know.

...then when charged by *IAA or anyone else over the contents of the drive, why can't the defendant just plead the fifth as regards the encryption keys? Technically, you *can* give them the contents of the drive, but it's

Re:

[ScentCone]

Given that:

The *IAA are pressing criminal charges.

Woops! Stop right there, I'm afraid. Not a given, at all. Typically such cases are not criminal proceedins, but civil suits. Very different set of stuff going on. In effect, you've got the legal representatives of the publisher, who is working on behalf of the artist that hired them to be their publisher, suing on behalf of the person claiming that someone is violating their copyright - typically by re-publising their work in a way that violates those

Re:

[drinkypoo]

Isn't commercial copyright violation a criminal offense? You can do jail time for it...

Civil suits are a load of crap.

[Ahnteis]

No 5th amendment in a civil suit. You're not being charged with anything. There's not "Guilty" or "Not Guilty" so you can't testify against yourself.

Of course, you can still be slapped with a large enough financial burden to ruin your life and make you sell everything you own; but you can't be put in jail so it's all good -- right?

You can refuse to give up your encryption key, but then you CAN be found Guilty/Not Guilty of contempt of court or violating laws that require you to give up encryption keys. Y

Re:

[Kjella]

The bigger issue is whether a court can make you do it or not (seems to depend on the jurisdiction and the cirumstances), and if they can, what the consequences might be for you telling the judge "screw you."

In a criminal case, very little. In a civil case, the standard is "preponderance of evidence, as in more probable than not which means you have absolutely no evidence to support your theories about hackers or open wi-fi or whatever. With 99,9% security the judge will say something to the effect of "Whil

Not protection really...

[in2mind]

Take that MPAA....and RIAA...and NSA....and every other person who wants my bits.

FTA:

Laptop computers with DriveTrust-based hard drives would prompt users to type in a password before booting up the machine. Without the password, the hard drive would be useless, Seagate officials said.

It only partially protects the user from RIAA.That is to say,if RIAA were to seize a hard drive,they would require the password to see the data.However,when the user is working on the hard drive(or has torrent turned

Re:

[Mister Whirly]

Really? The RIAA can access my disk through the internet?? That is news to me (and is also illegal without my consent). I have only seen them take screenshots from within Bittorrent and other P2P applications from thier end- to my knowledge they cannot "access" your drive remotely unless you have remote access software installed... And those screenshots can be so easily faked it isn't funny.

They will take it. THEY asked for it.

[ivan256]

The sole application of this device is to prevent duplication of digital media recorded by set-top boxes and digital media players. Any other application you can dream up would work equally well with software based encryption.

This drive is designed for easy implementation of DRM.

If you used it for the personal purposes you suggest, you would simply be forced to reveal the password by court order.

Regardless, simple passwords are easily brute-forced, so this is really just a check box to help them differentia

Re:

[couchslug]

Encrypting files rather than drive access is preferable to me, because if I forget a password I can still wipe and reuse the drive. Solutions that result in junk hardware are probably ok for some commercial customers, but I'd like to be able to save my gear if things go wrong.

Re:

[CastrTroy]

First, you'll want to ensure you encrypt your swap file, so that there isn't little bits and pieces of your sensitive data sitting unencrypted in there. Second of all, encrypting files after the have already been written to the hard drive is not a good idea, since journaling file systems like NTFS (I think?), don't necessarily overwrite the original file when you go and encrypt it. Maybe you don't require encryption to this level, but many people do. Also, I hope, and am pretty sure, that there would be

Re:

[b0s0z0ku]

Since I'm presuming password support has to be built into the OS anyway

Nah, password support will likely be built into the BIOS, making the product OS-agnostic and less prone to keyloggers operating at the lowest levels of the OS. Remember also that the *whole* drive is encrypted in this case, not just the data directories, so the OS won't even boot without a password.

-b.

Re:

[CastrTroy]

I'm pretty sure that they'd store a hash of the password on the board and compare against that. It's much harder to break that. Also, the security of almost all encryption software is only as powerful as the password protecting the key. If you use an insecure password, then that's your own fault.

Re:

[b0s0z0ku]

I bet that there's some sort of chip reader that one could build to pull passphrase for were it's stored in a chip on the board. that or pull the platters and stick them in a friendly drive

Why bother storing the passphrase. If you enter the wrong passphrase, the output of the drive will simply be scrambled and unreadable/unbootable. I suppose that they may include a passphrase check for user-friendlyness though. The bigger worry is that many of the passphrases will be (a) short and/or (b) based on comm

Re:

[havardi]

http://en.wikipedia.org/wiki/Stream_cipher [wikipedia.org]

Re:

[gomoX]

You change it's value... OR NOT.

Re:

[CastrTroy]

But the way windows is typically set up, to have everything on one partition, including the swap, entire disk encryption is the only good solution. No point in encrypting your home folder/partition if you swap space is filled with sensitive data.

Re:

[b0s0z0ku]

But the way windows is typically set up, to have everything on one partition, including the swap, entire disk encryption is the only good solution.

It doesn't *have* to be set up that way. You can have a C: Programs and D: Data drive in the same system. Better yet (not sure about XP, but you can do this on Server 2k3) you can mount the second drive in a directory of the main C: file system, like in UNIX. So C:\Documents and Settings can be on a different physical drive than the rest of C:

Of course, th