AOA Forums AOA Forums AOA Forums Folding For Team 45 AOA Files Home Front Page Become an AOA Subscriber! UserCP Calendar Memberlist FAQ Search Forum Home


Go Back   AOA Forums > Software > Data Security

Data Security Viruses, Firewalls and Safe computing


Reply
 
LinkBack Thread Tools Rate Thread
  #1 (permalink)  
Old 24th September, 2009, 03:56 PM
danrok's Avatar
AOA Staff
 
Join Date: March 2003
Location: Great Britain
Posts: 18,917

Seagate to ship self-encrypting hard drives

See front page:
AOA - Seagate to ship self-encrypting hard drives

Comments?
__________________
Desktop PC: AMD FX-8370E / Asus M5A99X Evo R2.0 Motherboard / 16GB DDR3 RAM / GeForce GTX 970
AOA Team fah
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 24th September, 2009, 04:49 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

Err, they've been shipping full disk encryption (IE, self-encrypting) disks for a while now. They've been talking about their enterprise disks for quite some time, and I thought that some lines were already shipping?
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 24th September, 2009, 07:12 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

Can one back them up to other drives? Can one copy them for use in another machine? What are the draw backs...if any?
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 24th September, 2009, 09:30 PM
Gizmo's Avatar
Chief BBS Administrator
BassTeroids Champion, Global Player Champion, Aim & Fire Champion, Puzzle Maniax Champion, Othello Champion, Canyon Glider Champion, Unicycle Challenge Champion, YetiSports 9: Final Spit Champion, Zed Champion
 
Join Date: May 2003
Location: Webb City, Mo
Posts: 16,178
Send a message via ICQ to Gizmo Send a message via AIM to Gizmo Send a message via MSN to Gizmo Send a message via Yahoo to Gizmo Send a message via Skype™ to Gizmo

The benefits are two-fold:
  • Data are stored on the platter encrypted
  • The encryption is performed in hardware

This means that you have to have the encryption key in order to use the drive. Without the key, even if you take the drive to a data recovery outfit, it's just so much scrambled garbage as far as they are concerned. This means that even if the Bad Guys manage to steal the drive, they can't get anything useful off it. Before you can even access the drive, you need a password to decrypt the data.

Of course, you can do this now, using encrypting file systems and whole-disk software-encrypted bootloaders. Which brings us to the second benefit; this is all done in hardware. Since there's no software running on the client PC, getting around the encryption is much harder, plus you don't have the software slowing down your PC. And, since it's in hardware, it doesn't really matter what OS or file-system you are using, so long as the OS or BIOS has support for the drive: you could even use this drive with an encrypting file system if you so chose.

That brings us to the down-side: to the best of my knowledge, you need BIOS support to boot from one of these, or OS support if you aren't booting from it. As far as I know, BIOS support is non-existent. I would assume that OS support exists in at least Windows, and probably *nix (since most big-iron storage arrays are running on some kind of *nix OS).

@Áedán: They announced back in April I believe, that they were going to do this. To the best of my knowledge, though, these are the first products they've shipped.

Last edited by Gizmo; 24th September, 2009 at 09:30 PM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 24th September, 2009, 09:58 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

For standard PCs without RAID, no special BIOS support appears to be needed. With some software (Wave Embassy Suite) the disks support different views depending on if the password is entered or not. If the disk is not unlocked, then a special boot program is visible, which allows you to unlock the disk regardless of the BIOS. Additionally, this boot program can only be over-written once the drive has been unlocked. This helps to avoid the problem with pure software encryption, where it's possible to trojan the encryption software itself.

The drives support different visible areas, so some parts can be only be made visible with the correct password.

The laptop drives work pretty well too. (Can you tell I'm using one?) Works beautifully in whatever OS you fancy booting into.

For RAID arrays, you need a storage controller that can handle unlocking the drives. LSI have implemented this.
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 24th September, 2009, 11:01 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

How long before someone cracks it? You see Aedan I have been listening! ":O}
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic


Last edited by Daniel ~; 24th September, 2009 at 11:01 PM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 25th September, 2009, 11:45 AM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

The advantage of this form of crypto is that all the crypto happens on-board the drive, and the OS doesn't need to know anything about it.

The encryption is based around AES-128, which is pretty robust and well proven. It is unlikely that this will be the weakpoint - if it is, consider just about every SSL web site you visit broken!

The encryption engine needs a key however, to decrypt the data. This is stored on the drive, and doesn't leave the drive. Software (including malware) running on the PC doesn't have access to it. Additionally, a number of other attacks against software encryption (such as firewire and extracting RAM contents) are not possible. How it works is like this:
  • The user enters a password before the machine boots.
  • This password is then used as the secret material to unencrypt the real encryption key. If you put the wrong password in, the real encryption key isn't decrypted correctly, and the data can't be accessed.
  • If the real key is decrypted properly (which can only be found out by attempting to decrypt something with it!), then the drive is unlocked.
  • If the real key isn't decrypted properly, no access to the encrypted drive is possible
__________________

Last edited by Áedán; 25th September, 2009 at 11:47 AM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 25th September, 2009, 02:21 PM
dsio's Avatar
Steve Jobs
 
Join Date: October 2002
Location: Brisbane, QLD, Australia
Posts: 8,037

$100 says the password for Áedán's is swordfish.
__________________
Notebook: Apple Macbook Pro 13" i7 2.7Ghz (3.4Ghz max) 8GB DDR3 1333Mhz (Mac OSX 10.6.7)
Desktop: ASUS Rampage Formula X48
Intel Core 2 Quad Q9450 (Yorkfield) @ 3.60Ghz (Folding SMP Linux)
Running Fedora 15 Linux (GNOME 3)
Dual Dell 2407WFP
AOA Team fah

Drivers, Games, Demos, Mods and Overclocking Tools At AOAFiles
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 25th September, 2009, 02:26 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

Is that AU$100 or US$100? Either way, I'm looking to collect it!
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #10 (permalink)  
Old 25th September, 2009, 04:42 PM
Gizmo's Avatar
Chief BBS Administrator
BassTeroids Champion, Global Player Champion, Aim & Fire Champion, Puzzle Maniax Champion, Othello Champion, Canyon Glider Champion, Unicycle Challenge Champion, YetiSports 9: Final Spit Champion, Zed Champion
 
Join Date: May 2003
Location: Webb City, Mo
Posts: 16,178
Send a message via ICQ to Gizmo Send a message via AIM to Gizmo Send a message via MSN to Gizmo Send a message via Yahoo to Gizmo Send a message via Skype™ to Gizmo

Quote:
Originally Posted by dsio View Post
$100 says the password for Áedán's is swordfish.
That was a seriously cool movie....
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #11 (permalink)  
Old 25th September, 2009, 05:03 PM
dsio's Avatar
Steve Jobs
 
Join Date: October 2002
Location: Brisbane, QLD, Australia
Posts: 8,037

When programming languages eventually get to the stage where you do in fact use a 9 monitor system and write it like you're playing with a rubik's cube, I'll put down my snootiness and become a code monkey.
__________________
Notebook: Apple Macbook Pro 13" i7 2.7Ghz (3.4Ghz max) 8GB DDR3 1333Mhz (Mac OSX 10.6.7)
Desktop: ASUS Rampage Formula X48
Intel Core 2 Quad Q9450 (Yorkfield) @ 3.60Ghz (Folding SMP Linux)
Running Fedora 15 Linux (GNOME 3)
Dual Dell 2407WFP
AOA Team fah

Drivers, Games, Demos, Mods and Overclocking Tools At AOAFiles
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #12 (permalink)  
Old 25th September, 2009, 08:01 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

Why wait! unhand that snootiness now! ":O}
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

Tags
data encryption , data storage , seagate



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Seagate revamps external drives danrok General Hardware Discussion 1 18th September, 2008 12:07 AM
Hard times for hard drives: US may ban popular imports Daniel ~ General Hardware Discussion 3 11th October, 2007 09:18 PM
Seagate ships hardware-encrypted notebook drives MONKEYMAN Random Nonsense! 1 5th April, 2007 08:10 PM
Seagate SCSI Disk Drives Razorfish General Hardware Discussion 23 11th September, 2005 05:16 PM
Seagate 80 gig hard for $80 w/free shipping LP Online Deals, and Steals 0 1st September, 2003 02:08 PM


All times are GMT +1. The time now is 04:02 AM.


Copyright ©2001 - 2010, AOA Forums
Don't Click Here Don't Click Here Either

Search Engine Friendly URLs by vBSEO 3.3.0