Me either, but that is the way to go, BIOS just needs basic support to ask
user to enter password and then it unlocks the drive. simple.
What I would really like to get for my next computer is a hard drive or SSD
which is self-encrypting. But such devices have not made much headway in
the market, and I'm not sure why. They seem like such an obviously good
idea.
IFL, Truecrypt and Windows 10
-
TeraByte Support
- Posts: 3613
- Joined: Thu May 05, 2011 10:37 pm
Re: IFL, Truecrypt and Windows 10
What I keep seeing with respect to SEDs (self-encrypting drives) is that it's difficult and complicated to actually enable the encryption. Well, that's not exactly right. The drive is encrypted from the factory with a randomly genrated key, but the password needed for the drive controller to access the encryption key is originally set as "0000" or something similar. To get it to work you have to get a utility of some kind to change the password to something else. But apparently that's not a simple thing to do, and a lot of people end up using the drives without changing the password, which means you have no encryption at all.
Even if you succeed in setting the password, you still need the BIOS to ask you for the password and provide that to the drive. So if you boot with the IFL CD, you can provide the password without Windows being involved at all. Or Linux being involved, for that matter. I just don't know if we've reached that point yet. The other potential problem is that all the new uber-secure things like SecureBoot will get in the way and prevent the drive from being mounted.
I just don't see any individuals using SEDs. Maybe businesses do, but for some reason they just haven't caught on as far as I can tell, and it appears to be because they are difficult to set up.
Even if you succeed in setting the password, you still need the BIOS to ask you for the password and provide that to the drive. So if you boot with the IFL CD, you can provide the password without Windows being involved at all. Or Linux being involved, for that matter. I just don't know if we've reached that point yet. The other potential problem is that all the new uber-secure things like SecureBoot will get in the way and prevent the drive from being mounted.
I just don't see any individuals using SEDs. Maybe businesses do, but for some reason they just haven't caught on as far as I can tell, and it appears to be because they are difficult to set up.
-
TeraByte Support
- Posts: 3613
- Joined: Thu May 05, 2011 10:37 pm
Re: IFL, Truecrypt and Windows 10
it belongs in the bios which could just do it easily, it would just be
another item that could be configured.
"Peabody" wrote in message news:10222@public.image...
What I keep seeing with respect to SEDs (self-encrypting drives) is that
it's difficult and complicated to actually enable the encryption. Well,
that's not exactly right. The drive is encrypted from the factory with a
randomly genrated key, but the password needed for the drive controller to
access the encryption key is originally set as "0000" or something similar.
To get it to work you have to get a utility of some kind to change the
password to something else. But apparently that's not a simple thing to do,
and a lot of people end up using the drives without changing the password,
which means you have no encryption at all.
Even if you succeed in setting the password, you still need the BIOS to ask
you for the password and provide that to the drive. So if you boot with the
IFL CD, you can provide the password without Windows being involved at all.
Or Linux being involved, for that matter. I just don't know if we've
reached that point yet. The other potential problem is that all the new
uber-secure things like SecureBoot will get in the way and prevent the drive
from being mounted.
I just don't see any individuals using SEDs. Maybe businesses do, but for
some reason they just haven't caught on as far as I can tell, and it appears
to be because they are difficult to set up.
another item that could be configured.
"Peabody" wrote in message news:10222@public.image...
What I keep seeing with respect to SEDs (self-encrypting drives) is that
it's difficult and complicated to actually enable the encryption. Well,
that's not exactly right. The drive is encrypted from the factory with a
randomly genrated key, but the password needed for the drive controller to
access the encryption key is originally set as "0000" or something similar.
To get it to work you have to get a utility of some kind to change the
password to something else. But apparently that's not a simple thing to do,
and a lot of people end up using the drives without changing the password,
which means you have no encryption at all.
Even if you succeed in setting the password, you still need the BIOS to ask
you for the password and provide that to the drive. So if you boot with the
IFL CD, you can provide the password without Windows being involved at all.
Or Linux being involved, for that matter. I just don't know if we've
reached that point yet. The other potential problem is that all the new
uber-secure things like SecureBoot will get in the way and prevent the drive
from being mounted.
I just don't see any individuals using SEDs. Maybe businesses do, but for
some reason they just haven't caught on as far as I can tell, and it appears
to be because they are difficult to set up.