Achim Patzner wrote:
Am 25.02.2008 um 23:48 schrieb Uwe Doering:
Since it hasn't been mentioned so far: There are hard disk drives that
do encryption on the firmware level, so you don't have to store keys
on the OS level.
I wouldn't go that far as there isn't (better: I didn't find)
enough documentation on their mechanisms to satisfy my curiosity.
I haven't tried so far, but perhaps they can provide additional docs or
pointers to already downloadable whitebooks on request. In the past, I
found a number of whitebooks on their web site detailing various aspects
of their storage technology. Quite interesting stuff. :-)
You might want to take a look at eNova (http://www.enovatech.net/)
who are pointing at interesting hardware using their crypto technology.
Interesting approach as well. Thanks for the pointer. However, given
that notebooks are the most vulnerable group of computers in this
regard, the drawback I see is that the notebook manufacturers first have
to adopt this solution, since you normally cannot put such additional
hardware into a notebook yourself. This restricts your choice of
notebooks, and you also still have no solution for notebooks that you
already have.
For this reason it struck me as a clever idea to do the encryption in
the HDD's firmware. This way you need no additional hardware and can
equip each and every notebook sporting an SATA interface with
sufficiently secure HDD encryption, without support from the notebook
manufacturer because a HDD is a user replaceable part.
Regards,
Uwe
--
Uwe Doering | EscapeBox - Managed On-Demand UNIX Servers
[EMAIL PROTECTED] | http://www.escapebox.net
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
