FOSS cross-platform data drive encryption

Sam Kuper sam.kuper at uclmail.net
Fri Mar 23 13:30:45 PDT 2012


On 23 March 2012 19:43, Gary Little <gglittle at comcast.net> wrote:
> They are hard drives. Plug them into any SAS or SATA controller and they will look like any hard drive, work like any hard drive, and will be recognized by any BIOS or EFI that I know of, until you configure them to enable FDE, which is supported by both T10 and T13 committees. Even as a configured FDE they will appear but require authentication, very likely using a TPM on the CPU motherboard for key and certificate storage.

Seagate seems to believe otherwise. From the link I provided: "Newer
Mac systems use the Extensible Firmware Interface (EFI) in lieu of a
BIOS.  The traditional ATA Security set passwords are system managed
and depend on BIOS which means that the newer Apple notebook systems
cannot set or use traditional ATA Security passwords.  The Seagate
Secure passwords are managed by client software."

Apologies if I've misunderstood.

> What do you mean by "FOSS firmware"? To my knowledge when you hit the power switch on a computer the first thing that starts is what we have called the BIOS for at least 20 years and today includes EFI. That's part of the motherboard and to me really has nothing to do with FOSS, or any kind of free open source software. As far as the hard drive itself, that firmware is written by the manufacturer and typically tailored or even totally re-written for every model of hard drive in their inventory.

I mean the algorithm that gets a key from the user, caches it, and
uses it to perform encryption/decryption on writes/reads to the
storage space on the drive. Since I understood that algorithm to be
being executed on the drive in the case of Seagate/Hitachi FDE drives,
"firmware" seemed the right term.

> So, given FOSS does not work with a given hard drive, my first thought would be to wonder what's wrong with the FOSS.

I'm afraid I don't understand this statement.

Thanks,

Sam


More information about the macports-users mailing list