Ethical Hacking Training at InfoSec Institute

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Computer Forensics Computer-Forensics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Hardware Based Disk Encryption

from [Brewis, Mark] Network Security [Permanent Link]
Subject: RE: Hardware Based Disk Encryption
Date: Wed, 1 Nov 2006 15:02:42 -0000 
From Seagate: "allows hard drive data to be erased instantly" 

Three ways of doing this that I can think of at the moment:
1 - It purges/overwrites the encryption key(s) from whatever
ASIC/EEPROM/security chip it stores it in.
2 - It writes (not flips) a number of bits on the disk, to corrupt the
encrypted disk.  It doesn't even need to be a random/pseudo-random
pattern (although more secure if it is.)  Since the state of the drive
isn't likely to be known beforehand, even knowing which bits have been
changed wouldn't render the process ineffective.  
3 - They do both.
Even on a 120GB drive that isn't going to take long.  Would it 'Wipe'
the drive?  Not in the way we have historically referred to wiping, but
effective nevertheless.  If you have to go through n processes simply to
get back to the state of having an encrypted drive, and then to have to
break the encryption, I don't suppose there are too many people on this
list with the facilities and capabilities to do that.

(There is of course another (im)possibility - that Seagate are shipping
drives with micro EMP generators for that Mission Impossible-style
sayonara to your data.  They'd need to do something about a Big Red
Button and getting a curling smoke effect for complete user satisfaction
though.)

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of bsmathers@reypd.com
Sent: 31 October 2006 13:52
To: forensics@securityfocus.com
Subject: Hardware Based Disk Encryption

http://www.seagate.com/cda/newsinfo/newsroom/releases/article/0,,2732,00
.html

When someone gets a chance to play with one of these, please post.

An open and self-contained crypto infrastructure on a hard drive that is
"useless" until the BIOS recognizes it with a password key. Reminds me a
little of the "locks" some manufactures have that can be enabled in the
BIOS for some drives. Although, it is easy to just call up the
manufacture and get the back-door key for locked drives (done many times
with basic data recovery jobs or just hook up to another computer and
not boot from it), according to Seagate, there is no "back-door" access
here. If the key is lost, stolen, or just not available for
investigations/recoveries, there will be no way to access/read the FDE
(Full-Disk Encryption) drive.

Also, it has a "wiping" technique that supposedly can "wipe" a drive in
less then a second and be "secure". I would like to know more about
this. If anyone has any information, please post. Thanks.
[More messages with this same subject...]


<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Recovery data after 57+ formats - fact or fiction??, Mike Peppard
Next by Date:  Re: Data Recovery, Valdis . Kletnieks
Previous by Thread:  Hardware Based Disk Encryption, bsmathers
Next by Thread:  Re: Hardware Based Disk Encryption, Steve
Indexes:  [Date] [Thread] [Top] [All Lists]