Edward Ned Harvey wrote: > Apparently TPM is not a new thing. Even my oldest Dell laptop (5-6 years > old) has a TPM, which I never bothered to enable. I have to guess that > BitLocker is probably not the first whole-disk-encryption solution to > utilize it. Not sure why it seems to have become the new buzz word. Either > way, whatever the reason this didn't take off before, I really enjoy > BitLocker, and am happy I found it. I'm the only person who knows anything > has changed in my computer; it looks, behaves, and performs exactly as it > did before. I have some increased cpu utilization to perform my encryption, > but my disk performance is not measurably different from before. Well, at > most 5% or 10%, which basically falls into the "noise" of hard disk > benchmarks. That could be random sampling error.
I am surprised that no one has brought up hard drives that have FDE functions. <disclaimer> I worked for Seagate when they came out with this. </disclaimer> http://www.seagate.com/www/en-us/products/laptops/laptop-hard-drives/ http://www.seagate.com/docs/pdf/datasheet/disc/ds_momentus_fde_family.pdf The key is generated on the controller. It works with TPM to unlock access. DoD erase is split second, by wiping of key from the drive. "Seagate Self-Encrypting Drives deliver government-grade encryption without performance degredation – protecting your data where it lives. The FIPS 140-2* options are NIST government certified for both U.S. and Canadian usage with sensitive data." -- END OF LINE --MCP _______________________________________________ Tech mailing list Tech@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/