that it is using ECB mode since CBC would require
encrypting/decrypting the entire drive to do reads / writes. If this
is using ECB mode then some interesting attacks could be mounted
against it.
ECB is pretty weak. I would think hardware encryption would use a
stream mode of DES such CFB(cypher feedback) or OFB(output feedback).
Stream cypher makes more sense in this situation rather than a block
cipher.
Aside of implementation details (which sometimes prove to be the weak
spot) the biggest problem with encryption is the KEY. The data is only
as safe as the key.
A Japanese article said that the keys are stored in a separate
inaccessible part (tamper-proof???) of the drive, and they are
encrypted.
The last concern I have with this comes back to using passwords. I see
You can always use 2-factor authentication instead of static password.
Seagate's FDE drives can use biometric, RSA token, or smart cards.
This was demo at CeBIT using TiDoCoMi from Secude.
See:
http://www.xml-dev.com/lurker/message/20060425.142230.0ba0d4b8.en.html
for an article that discusses this.
--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------
-------------------------------------------------------------------------
This List Sponsored by: Webroot
Don't leave your confidential company and customer records un-protected.
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no
obligation. See why so many companies trust Spy Sweeper Enterprise to
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise
http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------
