Morning Matthieu, Thanks for your quick feedback much appreciated ! ^_^
Indeed, the FDE solution depends on your motherboard's technology and can't be implement on any standard motherboard. :o) Thanks a lot for your help on this. Thomas NGUYEN VAN ----- Original Message ----- From: "Mathieu Simon" <[email protected]> To: "Thomas Nguyen Van" <[email protected]>, [email protected] Sent: Monday, January 24, 2011 9:45:59 AM GMT +01:00 Amsterdam / Berlin / Bern / Rome / Stockholm / Vienna Subject: Question related to FDE (Full Disk Encryption) solution under Linux Debian Lenny Hi Thomas Actually I do have a Thinkpad with an FDE SSD from Toshiba with a similar concept as I was able to understand it. I've looked over the doc and Seagate offers 2 ways how to access the drive: Either by software driver (which is OS dependent) or use BIOS integration which is then OS-independent. Second way is exactly how Lenovo integrated the FDE disk on my laptop: The key is generated using the BIOS and can be protected by a password, by default it seems to be just an empty key, but data is transparently encrypted on the disk. So when you change the password, Lenovo warns you about this, a new encryption key is generated. Which results in the fact that you can't access the already-present data on the disk anymore since they were encrypted with the previous key. This solution is OS agnostic but highly dependent on the hardware manufacturer and as it was already written: When the board is bricked you lose your data unless you were able to backup the key, which is not always possible. Non-FDE SSD wasn't available in the size I wanted it from Lenovo at the time I bought it. Maybe check out this: http://www.thinkwiki.org/wiki/Full_Disk_Encryption_%28FDE%29 - Mathieu -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/390309.20791295862806267.JavaMail.root@IRL-DUB-P-SRV-02
