The Cannot part is not true. The Pen drivers can be loaded into the Pre-boot environment. We do it today.
Regards; Bryan ------------------------------------ Mobile Armor Bryan E. Glancey Co - Founder & Chief Technology Officer [EMAIL PROTECTED] 400 South Woods Mill Rd. Suite 110 Chesterfield, MO 63017 tel: 877-276-6778 fax: 877-277-7369 mobile: 314-495-2048 http://www.mobilearmor.com/ ------------------------------------ -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Jardine Sent: Wednesday, July 25, 2007 4:12 PM To: [email protected] Subject: Re: [FDE] tablets again Robin, I too have a Thinkpad X60 and can confirm that a truly secure pre-boot authentication does not (and cannot) work in tablet mode because you are authenticating to the computer before the operating system has access. The only way to get around this would be to load pen drivers into the pre-boot environment. However with the X60 you can authenticate using the keyboard, then go into tablet mode. Is there a reason why you cannot start off in keyboard mode? This may be off topic, but I had issues with the fingerprint reader on my X60. When I put the computer into standby mode, about half the time it would then freeze the system upon resuming. I believe this is related to how the fingerprint reader re-authenticates to the system after it goes into standby, during which time the hard drive is still powered. In the end, it is more secure to simply go into Hibernation. However you would have to configure this manually if you purchase a computer that has a licensed OEM version of Microsoft Windows since the default is always standby when closing the cover. When considering FDE software, be sure to check how it behaves when resuming from both standby mode and from hibernation. Regards, Michael Jardine SECUDE IT Security - Seattle -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of robin Sent: Wednesday, July 25, 2007 6:14 AM To: [email protected] Subject: [FDE] tablets again I found out the hard way that tablets and fde are not a good combo. We would like to use pre-boot authentication with a password on tablets in tablet mode (no keyboard). Ideally this would not involve fingerprints. if we HAVE to I guess we could use usb tokens. I am finding that this is not a piece of cake and it may be that there is NO product in existence that can handle the scenario of entering the id/password via a screen keyboard. Is there? The possible choices for laptops are gateway m285e and lenovo x60. (No levono does NOT provide fde in the "client security center" as they apparently did in the x41 despite being incorrectly told that they do by a sales rep. They say that it can be done with an additional product from utimaco but I can't find anything that describes how that works anywhere. If how it works is via the fingerprint reader then forget that. [I personally have never been able to get my fingerprints to pass one of those on any vendor's model so I'm definitely not going to try to get users to do it over the phone.)If it works via usb smart card then I guess we have to deal with the losing tokens scenario which I'd really rather not deal with :-( _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
