> Typically the software FDE solution should intercept BIOS interrupt > (I'm not > Windows programmer, but back in old DOS times it was int 13h and > 76h) and > individually encrypt/decrypt each 512 bytes sector. It is very CPU- > consuming > process. Up to 48% of the CPU power can be spent on encryption.
Really? I have PGP on my Mac and absolutely love it. In addition, I have not seen any noticeable latency or performance impact, and I hammer my system. Bruce Schneier also brings up a good perspective[1], you may want to consider leaving your FDE to the encryption experts (such as PGP) as opposed to hard drive manufacturers. Don't get me wrong, I'm all for HD FDE as it can simplifies things at the enterprise level, but lets not just start throwing around numbers and poo pooing the software side. lance [1] http://www.schneier.com/blog/archives/2009/02/hard_drive_encr.html _______________________________________________ FDE mailing list FDE@www.xml-dev.com http://www.xml-dev.com/mailman/listinfo/fde
