Hardware Encrypted Desktop Hard Drives?

  • Thread starter Thread starter Ted43
  • Start date Start date
T

Ted43

I'm trying to find out where to buy some of those encrypted disks -
hardware type of encryption, for my desktop comp. I keep reading
reviews about them but cannot find them for sale. I went nutsy on that
damn Seagate Website trying to find them. All I found was more info
about them but not the disks.

Does anyone know which companies make them and what are the names of
the disks? I'd like to be able to google the dang things and find
some outfit who sells them.
 
I'm trying to find out where to buy some of those encrypted disks -
hardware type of encryption, for my desktop comp. I keep reading
reviews about them but cannot find them for sale. I went nutsy on that
damn Seagate Website trying to find them. All I found was more info
about them but not the disks.
Click to expand...
Does anyone know which companies make them and what are the names of
the disks?
Click to expand...

Virtually all of the laptop drives can do ATA encryption.
 
I'm trying to find out where to buy some of those encrypted disks -
hardware type of encryption, for my desktop comp. I keep reading
reviews about them but cannot find them for sale. I went nutsy on that
damn Seagate Website trying to find them. All I found was more info
about them but not the disks.
Click to expand...
Does anyone know which companies make them and what are the names of
the disks? I'd like to be able to google the dang things and find
some outfit who sells them.
Click to expand...

They are not a mainstream item, since they cost more than ordinary
drives and you need specialized software or a special BIOS to use
them. Currently, I believe only OEMs can get them.

But why use hardware encryption at all? TrueCryot gives you
a comparable level of security. The only reason I see for
hadrware encryption is to prevent the user from circumventing
the encryption, e.g. in a laptop given to an employee. As you
actually want encryption, that risk does not exist.

Arno
 
Can True Crypt be loaded on a machine that already has an OS (Win XP
Pro) and data on it without destroying the OS or the data?

I did try to buy Full Disk Encryption from PGP, but their service and
accessability was greatly lacking, and I canceled my order.

If True Crypt will not harm what's already on my box, I'd give it a
try. I did ask about it in another group, but got to many
conflicting answers.
Click to expand...

Well, I see what I missed before at the TrueCrypt site. You do load
the program with Windows already on the machine. So, I surmise it
also would not corrupt any data or program files. (?)

I see that the password length has a max of 64 characters. I wonder if
one can use spaces between groups of characters?
 
Well, I see what I missed before at the TrueCrypt site. You do load
the program with Windows already on the machine. So, I surmise it
also would not corrupt any data or program files. (?)

I see that the password length has a max of 64 characters. I wonder if
one can use spaces between groups of characters?
Click to expand...

I found what I needed in TrueCrypt's documentation:
---
Can I encrypt a partition/drive without losing the data currently
stored on it?

Yes, but the following conditions must be met:

* If you want to encrypt an entire system drive (which may contain
multiple partitions) or a system partition (in other words, if you
want to encrypt a drive or partition where Windows is installed), you
can do so provided that you use TrueCrypt 5.0 or later and that you
use Windows XP or a later version of Windows (such as Windows Vista)
(select 'System' > 'Encrypt System Partition/Drive' and then follow
the instructions in the wizard).

* If you want to encrypt a non-system partition in place, you can
do so provided that it contains an NTFS file system, that you use
TrueCrypt 6.1 or later, and that you use Windows Vista or a later
version of Windows (for example, Windows 7) (click 'Create Volume' >
'Encrypt a non-system partition' > 'Standard volume' > 'Select Device'
'Encrypt partition in place' and then follow the instructions in the
Click to expand...
wizard).
 
I found what I needed in TrueCrypt's documentation:
Click to expand...
Yes, but the following conditions must be met:
Click to expand...
* If you want to encrypt an entire system drive (which may contain
multiple partitions) or a system partition (in other words, if you
want to encrypt a drive or partition where Windows is installed), you
can do so provided that you use TrueCrypt 5.0 or later and that you
use Windows XP or a later version of Windows (such as Windows Vista)
(select 'System' > 'Encrypt System Partition/Drive' and then follow
the instructions in the wizard).
Click to expand...
* If you want to encrypt a non-system partition in place, you can
do so provided that it contains an NTFS file system, that you use
TrueCrypt 6.1 or later, and that you use Windows Vista or a later
version of Windows (for example, Windows 7) (click 'Create Volume' >
'Encrypt a non-system partition' > 'Standard volume' > 'Select Device'
wizard).
Click to expand...

Ah, good to know. I was noit sure either way.

Some more remarks:
- You should make a current backup before doing such an installation.
As you need to have a backup mechanism in place anyways, that
should not be too much of a hassle.
- 64 chars sounds like a "passphrase" lenght and would then accept
spaces.

Arno
 
Spaces should not be a problem, with Blowfish I use a
pass phrase, with UC, LC, hyphenation and numeric.
Click to expand...

It is not a quation of the cipher. It is only a question
of what the input routine accepts. The input is then
hashed anyways.
Even with dividing the keyspace it's still a major
problem to crack, and should defeat dictionary attacks.
I'm going 2 (add the rest yourself , like - kick the cat.)
Or anything else that is easy to remember.
Click to expand...

Rule of thumb: 1 bit of entropy per character in english.
You should have around 60 bits for higher security needs.

Personally I use 8 random characters/digits for normal
things and 12 for incresed security. That is roughly
40/60 bits of entropy.

And before anybody points out that a 40 bit key is breakable
by a modern PC in reasonable time: Yes, a key is. In a
known-plaintext-attack. But this is a passphrase that goes
through a has designed to be slow (say, 100ms per hash).

Arno
 
Rod said:
Its a lot more than just password protection.
Click to expand...

If you are talking about the ATA password then it is nothing more than
password protection. It has nothing to do with encryption of data on the
disk.
 
Rod said:
Did that LONG before you ever showed up.
Click to expand...

Yeah, sure you did. That is why you say that putting a ATA-password on a
harddrive will encrypt the data. Right.
 
dennis wrote
Rod Speed wrote
Click to expand...
Yeah, sure you did.
Click to expand...

Even someone as stupid as you should be able to use groups.google
to see I made comments on it and rubbed various people's noses
in specific bits of it LONG before you ever showed up.
 
Back
Top