Monday, June 27, 2005

Seagate's encrypted hard drives

This announcement has been getting a fair amount of press recently. I think it's great that a major hard drive manufacturer is getting on the hardware encryption bandwagon, but I have a couple of questions.

First off, it seems as though the user must enter a password to unlock the encryption key before the OS will even boot. Does this imply that you need a special BIOS to handle this functionality?

Also, are there any brute force countermeasures in place to defeat password guessing attacks? It seems as though forensic analysts are going to have a tough time with these, but since most users choose sucky passwords, maybe it's not all bad news for the good guys. On the other hand, good lockout or data destruction features could really come in handy with these units.

If anyone know more about this, I'd appreciate it if you could drop a comment here to clarify things.

Friday, June 03, 2005

Off to InfoSeCon

I'll be flying out tomorrow for InfoSeCon in Dubrovnik, Croatia. I'll be speaking and teaching, but I plan to attend a bunch of the sessions as well. Keep your eyes on the blog for updates throughout next week.