Slashdot Mirror
Seagate Ships World's Most Secure Hard Drive
An anonymous reader writes to let us know that after two years Seagate is finally shipping its full-disk encryption product, and you can get your hands on it in a laptop from system vendor ASI.
← Back to Stories (view on slashdot.org)
Actually it appears that it is using a CBC, there appears to be a middle layer that arbitrarily partitions sections that are encrypted and decrypted on the fly. I was pretty skeptical the last time this was mentioned on slashdot, but I have to admit this actually looks like a promising product. I'll wait for some more skillful security experts to evaluate it first, but I'm certainly keeping an open mind on it.
There's a funamental difference here.
Most DRM hinges on the fact that the content must stay readable, in however limited a sense. In other words, you're giving the encrypted content to the attacker, who also has to have the key in order to use it. The attacker and the intended recipient are the same person.
When you take away that requirement, encryption actually becomes workable.
...of the competitors in this market space. Several companies have been doing this for years with good track records. I think these links are still good.
You don't have to use the fingerprint reader, and my understanding is that it's more of a windows-logon thing than a boot-up thing.
However, you could easily design a keypad that makes it nigh-impossible to lift a print. A simple rough textured finish on the top would do the trick.
I don't need no instructions to know how to rock!!!!
Because it's the only (publicly available) HDD with *cryption functions built into the circuitry.
Is this really any more secure than dm-crypt? Faster, no doubt, but more secure?
Probably not. But simpler for users/admins to put out in the field.
But closed-source, so we really don't know how well it was implemented.
"I don't know, therefore Aliens" Wafflebox1
Slap one of these bad-boys into a video camera with only the ability to only write/encrypt and then you'll have a tool journalists can use without fear their content will be pilfered by a herd of unwieldly pigs. Only once the cam is back from the field would the data be accessable. This of course assumes the drive uses some sort of PKI, it may be symmetric only, in which case you'd have to add something to generate the symmetric keys from a PKI infrastructure. Performance should still be good with the added PKI module since the internal crypto would still be using the hardware accelerator with the derived symmetric keys.
Don't be so sure.
I had to install PGP Desktop and encrypt my laptop's HDD, and when it asked me for the pass phrase, there was a "strongness" meter that increased the more and more random the pass phrase. Using a combination of upper & lower-case letters plus , it wouldn't accept anything shorter than, IIRC, 18 characters.
"I don't know, therefore Aliens" Wafflebox1
For example, Loop-AES behaves like this in multi-key-v3 mode where CBC is used with an IV computed from a secret key, the sector number, and plaintext blocks [1..n-1] in the sector. This is also how Microsoft Bitlocker behaves because they combine CBC with the Elephant diffuser. When CBC is not used, this property can be achieved using LRW or XEX, or wide-block encryption.
This is how Linux's crypto-loop works. The CBC is run across only individual 512-byte blocks of the disk. I think they use the sector number as an IV.
Liberty in your lifetime