On 10/1/2014 5:48 PM, Bill Bogstad wrote:
Actually, they don't do everything that (open source) software encryption does. They don't let you (or you an agent of your choice) audit the encryption algorithms/implementation to verify that everything is being done to spec.
True as far as your choice; false as far as verification. Opal SSC is a spec from the Trusted Computing Group and you don't get to use the Opal marks if your hardware does not comply with the Opal specs. Additionally, the vendors (I know Seagate and Toshiba for certain) obtain FIPS 140-2 certification for the cryptographic modules in their SEDs (at least for some drives).
Actually, there is one thing that software-based encryption can do better and that's key management in enterprise environments. But we weren't discussing that; we've been discussing personal scale.
-- Rich P. _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
