Edward Ned Harvey wrote:
> Apparently TPM is not a new thing. Even my oldest Dell laptop (5-6 years
> old) has a TPM, which I never bothered to enable. I have to guess that
> BitLocker is probably not the first whole-disk-encryption solution to
> utilize it. Not sure why it seems to have become the new buzz word. Either
> way, whatever the reason this didn't take off before, I really enjoy
> BitLocker, and am happy I found it. I'm the only person who knows anything
> has changed in my computer; it looks, behaves, and performs exactly as it
> did before. I have some increased cpu utilization to perform my encryption,
> but my disk performance is not measurably different from before. Well, at
> most 5% or 10%, which basically falls into the "noise" of hard disk
> benchmarks. That could be random sampling error.
I am surprised that no one has brought up hard drives that have FDE
functions.
<disclaimer>
I worked for Seagate when they came out with this.
</disclaimer>
http://www.seagate.com/www/en-us/products/laptops/laptop-hard-drives/
http://www.seagate.com/docs/pdf/datasheet/disc/ds_momentus_fde_family.pdf
The key is generated on the controller. It works with TPM to unlock
access. DoD erase is split second, by wiping of key from the drive.
"Seagate Self-Encrypting Drives deliver government-grade encryption
without performance degredation – protecting your data where it lives.
The FIPS 140-2* options are NIST government certified for both U.S. and
Canadian usage with sensitive data."
--
END OF LINE
--MCP
_______________________________________________
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
