Daniel, Some of the technical details that you asked may be answered in the presentation that were given Monday at the 2009 RSA conference:
http://www.trustedcomputinggroup.org/solutions/data_protection Scott On Wed, 22 Apr 2009, Daniel Feenberg wrote: > > > On Mon, 20 Apr 2009, Simson Garfinkel wrote: > >> I would like to amplify what Scott has said below. >> >> I think that it is a common misconception that drives which are used >> on servers in a secure location do not need FDE. In my research I >> have purchased thousands of hard drives on the secondary market and >> examined those drives for an indication of the data left on them by >> previous users. The most sensitive (and potentially damaging) data >> comes from drives that were used in servers, were taken out of >> service, and then ended up in my hands. >> > > I am curious - how do you arrange for key entry in a server? Does the > operator enter it from the console on each boot? Doesn't that make "lights > out" operation difficult? I wouldn't like to give up the ability of machines > to reboot unattended. If it is stored somewhere on the computer, don't you > still have the problem that possesion of the hardware implies access to the > data? > > Anyway, how often do used drives have cash value greater than the cost > differential of regular and FDE drives? Wouldn't it be more efficient to just > destroy used drives if you can't erase the contents? > > Daniel Feenberg > _______________________________________________ FDE mailing list FDE@www.xml-dev.com http://www.xml-dev.com/mailman/listinfo/fde
