Seagate To Encrypt Data On Hard Drives

Krishna Dagli writes "Seagate, using their new DriveTrust Technology, will automatically encrypt every bit of data stored on the hard drive and require users to have a key, or password, before being able to access the disk drive."

No back doors?

[pieterh (196118)]

Seems unlikely.

Would Seagate really attempt to market a drive that was going to protect pedophiles and terrorists? (Not to mention us ordinary citizens who don't wholly and utterly trust the organs of the state to act systematically in our best interests.)

If so, it's a brave move. But somehow it just seems so unlikely...

Yes

[unity100 (970058)]

Just as the gun manufacturers manufacture guns that are as easily used by psychopaths as they are used by legitimate owners.

Re:

[quentin_quayle (868719)]

Whenever you see the word "trust" in name or catch-phrase for computer hardware these days, to tell whether it's really for security or whether it its for a DRM scheme, you have to ask, Who is trusting whom to de what?

To meet any reasonsable security policy one would need a "yes" to each of the questions: Is the source code for the encryption routines provided? Is a complete API provided? And can the owner of the hardware verifiably replace every digital key in the device?

If the answer to any of these is no

Re:

[Tweekster (949766)]

What is the penalty. Hand over your key...er wait what do you mean it doesnt work, seriously that is the key, i must have wrote it down wrong, DAMNIT.

Re:No back doors?

[walt-sjc (145127)]

Of course no discussion about back doors or prison is complete without linking to two.

Re:No back doors?

[Lumpy (12016)]

Which is why smart people use something that give plausible deniability.

truecrypt [truecrypt.org] allows you to create a double encrypted volume. 2 passphrases. 1 - lets your torturers into a set of incriminating looking but innocent files, the other lets you into the real files. there is NO WAY to detect or extract the real files from the planted files.

look innocent to the coppers while you continue to hide the goodies.

looks even better if you have other things that use the same planted password and are your tax info ,etc...

Re:No back doors?

[perrin (891)]

Truecrypt is a nice idea, except that if the interrogators find truecrypt on your harddisk, they may automatically assume you have a hidden volume inside your encrypted volume. It is only when truecrypt is distributed on your distro of choice by default, and is used there regularly to encrypt volumes without a hidden volume, that it provides plausible deniability.

Wow

[OverlordQ (264228)]

Laptop computers with DriveTrust-based hard drives would prompt users to type in a password before booting up the machine. Without the password, the hard drive would be useless, Seagate officials said.

Even data-recovery specialists would not be able to help if the assigned password somehow gets lost, said Scott Shimomura, a senior product marketing manager at Seagate.

Good thing passwords are never forgotten.

Re:

[interiot (50685)]

Good thing people have backup systems in case their mobile computer gets stolen or faces some other mishap.

Really, if you've got valuable enough data to be encrypting it, you'd be nuts to not have it properly backed up as well. Though I guess bad decisions happen...

Re:

[jbarr (2233)]

So much for allowing my remote-access computer at home to auto-boot....

Remote access *is* a consideration.

[Kadin2048 (468275)]

This is actually a very good point.

All of these solutions are mostly aimed at PCs used by users right at the local console, but I could see a lot of good reasons for wanting encryption on a server, or other colocated computer. Or maybe I just want to make sure that my desktop workstation doesn't hang forever after a power outage, waiting for someone to put a password in on its local console.

It would be nice if there was a way to mount one of these drives by giving it a password over a secure networked conne

Not in my IT department!

[bbernard (930130)]

Because I don't want the added lag of hardware en/decryption with every write/read.

Because I don't want one more password per computer that I, as an IT admin, need to keep track of.

Because I don't want even the operating system, swap, graphics, and music files encrypted.

Because new technology like this *never* causes any issues with the system's operation.

No, not in my IT department.

And maybe you don't need it..

[Vellmont (569020)]

Unless you're handing classified information, have employees take home thousands of credit cards on laptops, or thousands of medical records on laptops you're probbably not really the target for a drive like this.

If your company does handle this kind of data (or worse), maybe you should be re-examining your role as a sys-admin or manager. It's not all about making your life easier you know. There are of course risks and costs to maintaining a database of passwords, small performance costs for encrypting/decrypting the HD, and possible incompatibilities. There's also risks and costs associated with someone losing the laptop and the big headlines in the newspaper about how your company now looks like a bunch of ass-hats for losing 200,000 CC #s, 50,000 medical records, etc. Security and administration is about managing risk. If the overall risk is lower with this drive (and the price is right), you do it.

Re:Not in my IT department!

[JustASlashDotGuy (905444)]

Interesting... You don't want it in your IT Dept, yet we are eagerly awaiting it in our IT Dept. We're not going to go with the Seagate solution, however we are eagerly awaiting the release of Vista so we can take advantage of the BitLocker Encryption. I work for a CPA firm; privacy is pretty important.... especially when you have auditors in the field and the occasional laptop getting stolen. The slight slowness in full harddrive encryption is well worth the price. 99.9% of the users will never notice it.... Excel/Word isn't exactly a HD intensive application. And yes... in the past (5 years ago), we did full HD encryption and it wasn't bad at all (slowness wise). The only issues came into play if you wanted to remove the encyption, or if the drive started to fail and you wanted to boot off a boot disk to grab your data (it was possible, but cumbersome). Hopefully Vista's solution will be more robust. If the trials work out as we hope, full encryption firm wide will be the next step (possibly within 6 to 8 months).

Re:

[bbernard (930130)]

My point is really more about this being an overkill solution, and poorly thought-out as well.

1. I've seen all sorts of problems with encrypting certain system files on a hard drive. Perhaps that's because the encryption has been software based, but key system files seem to have problems when encrypted.

2. How will you enforce strong passwords? How will you enforce password change policies? Can you even change the password once it has been set? If the user and IT agree on a passowrd, can we be sure tha

Re:Not in my IT department!

[JustASlashDotGuy (905444)]

So you want to keep auditors out of your files.

What? Sorry if that's the impression you got, I must have mis-typed. We aren't trying to keep auditors out of the files, we are trying to keep thieves out of the files. We've had laptops stolen while our auditors were out in the field before. The last thing we want is for our client's data to find its way into the wild. If we were working on your tax return, wouldn't you prefer that *if* it was copied to a laptop HD, that the laptop HD be encrypted? Protecting information if very important to us.

Encryption wouldn't have helped cover up Enron. Even if your drives were 100% encrypted, you still have paper copied the Feds could go after. Even if you shred all your paper (which would look very fishy, even in a 'paperless office'), you still have backup tapes. And if every single one of your backup tapes were encrypted AND you just happen to have 'forgot' the password to the tapes as well... well, I think the judge will have you for obstruction at that point.

Trust me.. accountants aren't the most tech savvy individuals. They just do their job and get the hell outta here. Enron and AA had some bad people at the top. A few bad apples which hurt a lot of very good people. They may have been very good at fudging some numbers, but when it comes to "tech savvy'ness".... well, there's a reason that in all the scandle movies.. the only things accounts know how to do is shred paper.

Next time RIAA asks your HD...

[Zaatxe (939368)]

... you can hand it to them with a grim smile on your face!

Re:

[Junta (36770)]

And they will thank you and subpoena Seagate for the encryption key. I suspect they will try to be functionally compatible with the current hard drive password commands used commonly today, and that means the actual key would be stored permamently on the controller board, encrypted using your password, but if Seagate chose to retain that key themselves, you could still be in a world of hurt.

If you actually care about protection from governments, legal actions from private parties, or malicious foreign enti

Progressive decoding

[soft_guy (534437)]

There was a technique that was described on Slashdot a while ago that allowed you to turn over some crypto keys and it would decode a little bit more of the disk each time. That way, your opponent is never sure you have handed over all the keys and it makes it possible to hand over just enough keys to convince a judge. It would be nice if this drive supported that technique so that you would turn over just the first key if taken to court.

Roadmap To DRM'd PC

[mpapet (761907)]

This is one more step toward owning a computer you no longer control.

It's not about end-user encryption, it's about the OS using encryption in some form to eliminate your personal freedoms.

The price will be right though, so most users won't know or care.

The DRM noose around the average user's neck is being sold like a nice, new necktie. Most users will have one in 3-5 years. Then it is only a matter of tightening the noose. If you want it loosened, pay and pay some more.

Finally, there is no market mechanism so the price of loosening the noose around your neck is made by the producer. (A price maker: http://en.wikipedia.org/wiki/Monopoly#Coercive_mon opoly [wikipedia.org])

If you value your personal freedom, you will switch to something freer, then you will tell your friends and help them to do the same. Perhaps a Linux or BSD desktop is a good start.

Troubling implications

[Eravnrekaree (467752)]

I think encryption is better done in software, such as with GPG. Then at least we can read the software code, rather than relying on black box technology.

I also am concerned about the DRM implications of this. Could for instance, in the future, the disk perhaps allow Windows to request that an NTFS filesystem be locked and Linux not be allowed to access it? Could this be used by Microsoft to lock open source programs out of reading data from other programs?

trolls?

[by Anonymous Coward]

1. Use Stolen Template
2. ???
3. Gay!!!!

Re:

[ScentCone (795499)]

Take that MPAA....and RIAA...and NSA....and every other person who wants my bits.

Um, out of curiosity, how is this any different than any other form of data storate crypto, when it comes to a civil suit over whether your box's MAC address, etc., is clearly publishing copyrighted material a thousand "friends" you've never met before? Whether you're hiding data through drive-level encryption, or doing it with an app that runs a few layers farther up the stack, you're still going to have to face a court ord

Re:

[drinkypoo (153816)]

Isn't commercial copyright violation a criminal offense? You can do jail time for it...

Re:

[couchslug (175151)]

Encrypting files rather than drive access is preferable to me, because if I forget a password I can still wipe and reuse the drive. Solutions that result in junk hardware are probably ok for some commercial customers, but I'd like to be able to save my gear if things go wrong.