Comments on: Full Disk Encryption isn't FDE anymore
Given the slew of privacy regulations and publicly disclosed breaches, laptop encryption is now a must-have.
Most Popular
15 sites that went kaput in 2009
Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.
Top 10 news stories of the decade
Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.
About News Blog
Recent posts on technology, trends, and more.
Add this feed to your online news reader
Any DELL tech can give anyone the admin password to bypass the hardware encryption on your HDs.
You can use M$ Bitlocker software encryption instead and trust their assurances they don't provide backdoor access - but do you really trust them?
Beware phony "feel-good" encryption! And check out all the "index.dat" files hidden throughout your XP & Vista systems sometimes. You'll be amazed at the detailed lists of all the URL & filenames you've accessed over the years (such as pics you've viewed) regardless of all the so-called disk wipe utilties. It gives new meaning to "domestic spying"...
Of the top laptop manufacturers some sell encrypting drives that only use BIOS ATA passwords, and Dell is NOT one of them.
Dell sells the Seagate FDE hard drives that support advanced password authentication integrated directly into the drive security controller, and this has nothing to do with the BIOS ATA password, as you would attempt to mislead readers to believing. Once properly configured these drives are as or more secure than software encryption and certainly have NO back door.
Don't take my word for it however, read up for yourselves, including information on the NSA approval granted to the drives for secure government use, here: http://www.seagate.com/ww/v/index.jsp?locale=en-US&name=null&vgnextoid=bd8f322b02fd9110VgnVCM100000f5ee0a0aRCRD
As for feel good, does being able to fully provision and activate full disk encryption in seconds compared to hours (for software encryption) sound like a "feel good?" I'd hope so.
You can also see this in many other different industries. For example, in shipping and banking. All of the major global express shipping companies are trying to provide "end-to-end" services for the distribution and handling of all physical deliverable. I don't think it's because the likes of FedEx and UPS are trying to shove more services into people's mouths...but rather companies actually want to have a one-stop shop for all delivery needs. Main benefit: companies can focus on doing their business.
Going back to what you have mentioned, I agree that FDE should play a greater role if companies are trying to make a comprehensive end-to-end data protection product suite. You mentioned BitLocker and PGP being good examples. I think SECUDE.com is another good example (they also integrate Seagate FDE HDDs).
Perhaps the real goal of providers, with strong FDE products, is how to manage the "FDE process" across large organizations. Surely hardware with embedded encryption cannot do this coherently alone. The way I see it: hardware provides the raw encrypting horsepower, the software coordinate this raw horsepower for the whole organization.
If companies are going to use software to manage FDE, then it makes sense to have the same software (or provider) manage the remaining aspects of data protection (e.g., file, folders, emails).
There is actually a wikipedia posting on FDE providers:
http://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software
Another interesting article relevant to FDE:
http://en.wikipedia.org/wiki/Cold_boot_attack
------------------------------------------------
Leon
http://www.hddoctor.net
- by rahulkopi January 17, 2009 12:13 AM PST
- Also checkout Seclore (www.seclore.com). They have a true and very good complimentary solution to disk encryption.
- Like this Reply to this comment
-
(6 Comments)