Hi. Do you-all know if any notebook manufacturers have started
offering notebooks using Seagate's Momentus 5400 FDE drive? That one
encrypts the whole disk in hardware, and decrypts it on the fly.
Sounds good to me! Excelstor also apparently offers a similar disk.

Can I buy it integrated into a notebook?


Regards,

Abraham

I don't know about that, but virtually all IDE hard drives offer drive
password protection, and that alone is extremely secure, to the point
that people who lose the password generally have no way to recover their
data.


AbrahamLincolnIllinois******.com wrote:
> Hi. Do you-all know if any notebook manufacturers have started
> offering notebooks using Seagate's Momentus 5400 FDE drive? That one
> encrypts the whole disk in hardware, and decrypts it on the fly.
> Sounds good to me! Excelstor also apparently offers a similar disk.
>
> Can I buy it integrated into a notebook?
>
>
> Regards,
>
> Abraham
>

"Barry Watzman" <WatzmanNOSPAM@neo.rr.com> wrote in message
news:453A348E.1070708@neo.rr.com
> I don't know about that, but virtually all IDE hard drives offer drive
> password protection, and that alone is extremely secure, to the point
> that people who lose the password generally have no way to recover
> their data.

I wondered about that. Mine has this ability and I figured if I used it
and the computer someday falls. I'll never be able to read it on another
computer to pull data off, would I?

--
Bill

You can read it on another computer that supports IDE drive password
protection if you know the password. If you don't know the password,
the drive won't be recognized at all.


BillW50 wrote:
> "Barry Watzman" <WatzmanNOSPAM@neo.rr.com> wrote in message
> news:453A348E.1070708@neo.rr.com
>
>> I don't know about that, but virtually all IDE hard drives offer drive
>> password protection, and that alone is extremely secure, to the point
>> that people who lose the password generally have no way to recover
>> their data.
>
>
> I wondered about that. Mine has this ability and I figured if I used it
> and the computer someday falls. I'll never be able to read it on another
> computer to pull data off, would I?
>

Barry Watzman <WatzmanNOSPAM@neo.rr.com> wrote:
> I don't know about that, but virtually all IDE hard drives offer drive
> password protection, and that alone is extremely secure, to the point
> that people who lose the password generally have no way to recover their
> data.

I would hardly call the "password protection" scheme on most
drives "extremely secure". If someone, beyond a casual user, wanted
your data then it most likely could be had. That may or may not involve
disassembling the drive and special equipment to recover it. I guess it
depends on how critical the privacy of your data is. Maybe this is
good enough for most people, but I think it should be pointed out, that
it is not really all that secure compared to encryption of the data
itself.

> AbrahamLincolnIllinois******.com wrote:
> > Hi. Do you-all know if any notebook manufacturers have started
> > offering notebooks using Seagate's Momentus 5400 FDE drive? That one
> > encrypts the whole disk in hardware, and decrypts it on the fly.
> > Sounds good to me! Excelstor also apparently offers a similar disk.
> >

The hard drive password protection implemented within the drive is
indeed extremely secure. That doesn't mean that it absolutely can't be
broken, but no one has shown a way for an end user to do it on their
own, or at low cost (less than hundreds of dollars ... and,
specifically, less than the cost of a new drive).


B. Wright wrote:
> Barry Watzman <WatzmanNOSPAM@neo.rr.com> wrote:
>
>>I don't know about that, but virtually all IDE hard drives offer drive
>>password protection, and that alone is extremely secure, to the point
>>that people who lose the password generally have no way to recover their
>>data.
>
>
> I would hardly call the "password protection" scheme on most
> drives "extremely secure". If someone, beyond a casual user, wanted
> your data then it most likely could be had. That may or may not involve
> disassembling the drive and special equipment to recover it. I guess it
> depends on how critical the privacy of your data is. Maybe this is
> good enough for most people, but I think it should be pointed out, that
> it is not really all that secure compared to encryption of the data
> itself.
>
>
>>AbrahamLincolnIllinois******.com wrote:
>>
>>>Hi. Do you-all know if any notebook manufacturers have started
>>>offering notebooks using Seagate's Momentus 5400 FDE drive? That one
>>>encrypts the whole disk in hardware, and decrypts it on the fly.
>>>Sounds good to me! Excelstor also apparently offers a similar disk.
>>>

Barry Watzman <WatzmanNOSPAM@neo.rr.com> wrote:
> The hard drive password protection implemented within the drive is
> indeed extremely secure. That doesn't mean that it absolutely can't be
> broken, but no one has shown a way for an end user to do it on their
> own, or at low cost (less than hundreds of dollars ... and,
> specifically, less than the cost of a new drive).

I agree that it will probably make the drive pretty useless to
any would be thief for normal future use. However, I don't agree that
it would go very far in protecting the confidentiality of the data,
which seems to be the original poster's concern. I imagine recovering
the data, if it's not encrypted, may be as simple as getting another
drive of the same type, loading up a modified firmware on that (which
bypasses the password), and then swapping the board onto the old drive.
That's just a guess or theory on how it could be done but something
along those lines. Not really trivial to the casual user, but not
really dificult for someone who was really determined if they wanted the
information off of it.


> B. Wright wrote:
> > Barry Watzman <WatzmanNOSPAM@neo.rr.com> wrote:
> >
> >>I don't know about that, but virtually all IDE hard drives offer drive
> >>password protection, and that alone is extremely secure, to the point
> >>that people who lose the password generally have no way to recover their
> >>data.
> >
> >
> > I would hardly call the "password protection" scheme on most
> > drives "extremely secure". If someone, beyond a casual user, wanted
> > your data then it most likely could be had. That may or may not involve
> > disassembling the drive and special equipment to recover it. I guess it
> > depends on how critical the privacy of your data is. Maybe this is
> > good enough for most people, but I think it should be pointed out, that
> > it is not really all that secure compared to encryption of the data
> > itself.
> >
> >
> >>AbrahamLincolnIllinois******.com wrote:
> >>
> >>>Hi. Do you-all know if any notebook manufacturers have started
> >>>offering notebooks using Seagate's Momentus 5400 FDE drive? That one
> >>>encrypts the whole disk in hardware, and decrypts it on the fly.
> >>>Sounds good to me! Excelstor also apparently offers a similar disk.
> >>>

Re: "I imagine recovering the data, if it's not encrypted, may be as
simple as getting another drive of the same type, loading up a modified
firmware on that (which bypasses the password), and then swapping the
board onto the old drive."

The hard drive password is quite secure, although there is no security
that is unbreakable. In the case of hard drive passwords (using the
mechanisms of the drives themselves) part of it is on the platters, and
part of it is in the flash memory of the circuit card, and they have to
"match", so you can't read the drive by putting it into another
computer, or by swapping the circuit card. Now you suggest "loading up
a modified firmware ... which bypasses the password" onto the drive
circuit card. That will break the security, but that is horrendously
difficult, virtually impossible even for a knowledgeable hacker. Both
getting such firmware in the first place, and getting it installed onto
the drive circuit card are WAY beyond anything anyone would do to unlock
a drive stolen in a random theft. Granted, if we are talking about a
specific theft with a specific target, conducted by someone with a large
(5- or 6-figure bankroll) seeking specific data, it could be done. But
that's not the usual case, and if you are a potential target of that
type of theft, you really need a solution with "national security level"
strength.


B. Wright wrote:

> Barry Watzman <WatzmanNOSPAM@neo.rr.com> wrote:
>
>>The hard drive password protection implemented within the drive is
>>indeed extremely secure. That doesn't mean that it absolutely can't be
>>broken, but no one has shown a way for an end user to do it on their
>>own, or at low cost (less than hundreds of dollars ... and,
>>specifically, less than the cost of a new drive).
>
>
> I agree that it will probably make the drive pretty useless to
> any would be thief for normal future use. However, I don't agree that
> it would go very far in protecting the confidentiality of the data,
> which seems to be the original poster's concern. I imagine recovering
> the data, if it's not encrypted, may be as simple as getting another
> drive of the same type, loading up a modified firmware on that (which
> bypasses the password), and then swapping the board onto the old drive.
> That's just a guess or theory on how it could be done but something
> along those lines. Not really trivial to the casual user, but not
> really dificult for someone who was really determined if they wanted the
> information off of it.
>
>
>
>>B. Wright wrote:
>>
>>>Barry Watzman <WatzmanNOSPAM@neo.rr.com> wrote:
>>>
>>>
>>>>I don't know about that, but virtually all IDE hard drives offer drive
>>>>password protection, and that alone is extremely secure, to the point
>>>>that people who lose the password generally have no way to recover their
>>>>data.
>>>
>>>
>>> I would hardly call the "password protection" scheme on most
>>>drives "extremely secure". If someone, beyond a casual user, wanted
>>>your data then it most likely could be had. That may or may not involve
>>>disassembling the drive and special equipment to recover it. I guess it
>>>depends on how critical the privacy of your data is. Maybe this is
>>>good enough for most people, but I think it should be pointed out, that
>>>it is not really all that secure compared to encryption of the data
>>>itself.
>>>
>>>
>>>
>>>>AbrahamLincolnIllinois******.com wrote:
>>>>
>>>>
>>>>>Hi. Do you-all know if any notebook manufacturers have started
>>>>>offering notebooks using Seagate's Momentus 5400 FDE drive? That one
>>>>>encrypts the whole disk in hardware, and decrypts it on the fly.
>>>>>Sounds good to me! Excelstor also apparently offers a similar disk.
>>>>>
>
>

Barry Watzman <WatzmanNOSPAM@neo.rr.com> wrote:
> Re: "I imagine recovering the data, if it's not encrypted, may be as
> simple as getting another drive of the same type, loading up a modified
> firmware on that (which bypasses the password), and then swapping the
> board onto the old drive."

> The hard drive password is quite secure, although there is no security
> that is unbreakable. In the case of hard drive passwords (using the
> mechanisms of the drives themselves) part of it is on the platters, and
> part of it is in the flash memory of the circuit card, and they have to
> "match", so you can't read the drive by putting it into another
> computer, or by swapping the circuit card. Now you suggest "loading up
> a modified firmware ... which bypasses the password" onto the drive
> circuit card. That will break the security, but that is horrendously
> difficult, virtually impossible even for a knowledgeable hacker. Both
> getting such firmware in the first place, and getting it installed onto
> the drive circuit card are WAY beyond anything anyone would do to unlock
> a drive stolen in a random theft. Granted, if we are talking about a
> specific theft with a specific target, conducted by someone with a large
> (5- or 6-figure bankroll) seeking specific data, it could be done. But
> that's not the usual case, and if you are a potential target of that
> type of theft, you really need a solution with "national security level"
> strength.

While I agree it is no trivial task, I'm just trying to point
out that the original poster was interested in drives that do hardware
key based ecryption, not just a security password. Saying the drive
has a security password is only a step better than most of these
companies losing laptops loaded with data saying "it was password
protected". What that translates to is almost always: "It has an
admin password on the operating system". Wow, that takes about five
seconds to get around!

We don't know what the original poster's motivation is, maybe
he stores a lot of personal financial data and travels, maybe he's
developing a product worth millions, or maybe he just values his
privacy, who knows. The type of budget to recover the data off the
drive if it's only password protected is not in the 5-6 figure range,
more like the low 4 figures. Yes, to have your very own facilities to
do this task repeatedly will cost you heaps, but there are plenty of
places out there that will do it as a one-off relatively cheap.