[144512] in cryptography@c2.net mail archive


Re: Seagate announces hardware FDE for laptop and desktop machines

daemon@ATHENA.MIT.EDU (travis+ml-cryptography@subspacefie)
Fri Jun 12 10:24:22 2009

Date: Wed, 10 Jun 2009 18:19:53 -0500
From: travis+ml-cryptography@subspacefield.org
To: Simon Josefsson <simon@josefsson.org>,
	Cryptography <cryptography@metzdowd.com>
Mail-Followup-To: Simon Josefsson <simon@josefsson.org>,
	Cryptography <cryptography@metzdowd.com>
In-Reply-To: <20071003041537.GE11590@bcd.geek.com.au>



Reading really old email, but have new information to add.

On Wed, Oct 03, 2007 at 02:15:38PM +1000, Daniel Carosone wrote:
> Speculation: the drive always encrypts the platters with a (fixed) AES
> key, obviating the need to track which sectors are encrypted or
> not. Setting the drive password simply changes the key-handling.
>
> Implication: fixed keys may be known and data recoverable from factory
> records, e.g. for law enforcement, even if this is not provided as an
> end-user service.

There was an interesting article in 2600 recently about ATA drive
security.

It's in Volume 26, Number 1 (Spring 2009).  Sorry that I don't have an
electronic copy.

The relevant bit of it is that there are two keys.  One key is for the
user, and one (IIRC, it is called a master key) is set by the factory.

IIRC, there was a court case recently where law enforcement was able
to read the contents of a locked disk, contrary to the vendor's claims
that nobody, even them, would be able to do so.  The man in question
had his drives seized by the FBI and they read the drives, uncovering
emails between the man and his lawyer.  He was suing the manufacturer
for false advertising.

Here are the links from the 2600 article:

http://tinyurl.com/atapwd
http://tinyurl.com/cmrrse
http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml
hdparm -security-erase-enhanced in Linux
http://www.deadondemand.com/
http://www.vogon-investigation.com/password-cracker.htm
--
Obama Nation | My emails do not have attachments; it's a digital signature
that your mail program doesn't understand. | http://www.subspacefield.org/~travis/
If you are a spammer, please email john@subspacefield.org to get blacklisted.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
