Coming soon: Full-disk encryption for all computer drives

[DaBees-Knees]

http://tinyurl.com/dgrton (Note the original Computerworld url was to large)

The world's six largest computer drive makers today published the final specifications for a single, full-disk encryption standard that can be used across all hard disk drives, solid state drives (SSD) and encryption key management applications. Once enabled, any disk that uses the specification will be locked without a password -- and the password will be needed even before a computer boots. The Trusted Computing Group (TCG) specifications cover storage devices in consumer laptops and desktop computers as well as enterprise-class drives used in servers and disk storage arrays.  "This represents interoperability commitments from every disk drive maker on the planet," said Robert Thibadeau, chief technologist at Seagate Technology and chairman of the TCG. "We're protecting data at rest. When a USB drive is unplugged, or when a laptop is powered down, or when an administrator pulls a drive from a server, it can't be brought back up and read without first giving a cryptographically-strong password. If you don't have that, it's a brick. You can't even sell it on eBay." By using a single, full-disk encryption specification, all drive manufacturers can bake security into their products' firmware, lowering the cost of production and increasing the efficiency of the security technology. Governments will have a back door entry !!!!!

The TCG includes Fujitsu, Hitachi GST, Seagate Technology, Samsung, Toshiba, Western Digital, Wave Systems, LSI Corp., ULink Technology and IBM.

I wonder if this is a good move?.......Seeing as Fujitsu have announced that the they are pulling out of harddrive manufacture and Seagate have still to fix a problem with their latest harddrives (even after a firmware update that caused more problems than it cured). Also, think of all those lost passwords !!!!

[White Stripes]

if governments have backdoor entry (ya gotta love that half-assed idea of 'trusted computing') then so soon will everyone else...

[Cobra]

The more faith that you put in security, the more comfortable and less "on guard" you become. People need to stay on guard more.

Add this feature as "protection" to a drive and almost everyone using it will choose a simple password to remember, making it that much easier for whoever steals the drive to use their brute-force program to find it. Or, as Silver Stripes said, they could just access it through the governmental backdoor that will be leaked onto the Internet.

[Trestor]

Picking up a minor statement from the article, I always have a philosophical problem with the assumption that a government is a benign institution and that it somehow has a right to have access to anyone's computer, through purposefully created 'back doors'.

I understand very well concerns about terrorism and crime and one wouldn't want such people walking free because their computers couldn't be opened, but to me there is something icky about an overbearing government giving itself the right to rifle through anyone's home computer. I wonder if industry computers have to have back doors available for government use?

Some governments we live under are (relatively) benign, but that can change in the future and a reign of terror would ensue if all our computers disgorged all our personal lives to the investigators.

I think anyone who argues that 'If you've done nothing wrong you have nothing to fear' knows neither history, human nature or the heavy hand of an oppressive government.

[Daniel]

Encryption "is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key". The part about how Governments will have a back door entry makes this not fit the definition of encryption; therefor, I believe it is not.

[White Stripes]

I believe it is not.

no... its not... its part of that TCPA/TCG (trustworthy computing) where the computers trust lies in who owns the operating system and who governs you.... not in yourself...

linux FTW.... cos vista already has this started and i garantee windows 7 will make this crap worse...