Michael Jardine wrote:
> Message: 1
> Date: Sun, 9 Sep 2007 10:32:19 -0700
> From: "Michael Jardine" <[EMAIL PROTECTED]>
> Subject: Re: [FDE] Seagate FDE and SECUDE software
> To: <[email protected]>
> Message-ID: <[EMAIL PROTECTED]@usa.secude.com>
> Content-Type: text/plain; charset="us-ascii"
>
> Zac,
>
> A BIOS-based password can be cracked within minutes using brute force
> software you can download from the internet. This is partly related to the
> way the password is stored and used in BIOS. Instead, our management
> software uses a hardened Linux pre-boot authentication and the password is
> stored in an area that is inaccessible to anyone. No back doors, and
> certainly no open Windows (bad pun, I admit). In addition, we offer many
> other functions for the single-user. These include single sign-on to
> Windows, Password recovery, multi-user support, and automatic e-update. We
> also enable instant cryptographic erase of the drive. To my knowledge, ours
> is the only software that manages the Seagate FDE drives while protecting
> your computer during both sleep mode and hibernation mode.
> An upcoming version of our single-user product (which we also
> recommend for SMB's) will feature multi-factor authentication as well as
> offline key recovery. Our enterprise version offers centralized
> administrative capabilities and although it easily scales out (our largest
> customer has 70,000 seats), it can just as easily be used by an 'enterprise'
> of 3~5 people.
> Perhaps the most important advantage is that our solution works on
> virtually any PC. If your PC has a Seagate Momentus FDE.2 or FDE.4 drive,
> it will automatically recognize that and activate the drive. If your PC has
> a standard drive, it will default to software-based FDE. (Our product was
> rated 5 stars out of 5 for Performance by SC Magazine). In this way, you
> can blanket your entire laptop systems in one go without having to phase
> according to your budgeted refresh cycle.
> And yes, our software works on machines with TPM but in this case the
> chip is on the hard drive and the keys are stored there. There are arguments
> that this is actually more secure than TPM but that conversation is above my
> level of technical knowledge. In the end it becomes a choice as to where
> you want to store the various keys that are needed. As a member of TCG, our
> goal is to offer choices that suit all users.
>
> I hope this wasn't too long-winded!
>
> http://www.secude.com/finallysecure
>
>
>
> Regards,
> Michael
>
Michael,
If Secude uses a hardened linux pre-boot environment, can it be used
exclusively with Linux as the host operating system? The Secude website
says "Windows XP Service Pack 2" for supported OS. I would think if the
hardened Linux PBE could launch Windows it could launch Linux as well,
or any X86 based operating system reliant on the same BIOS boot device
(0x80, 0x81) pointers (BSD, Windows, Linux, etc).
Also, another user mentioned MacBook Pro. Adoption of the Intel
based Macbook products is growing fast, it is a great laptop. Any
solution for the Macbook EFI environment?
--Jeff
--
Best Regards,
Jeff Johnson
Vice President
Engineering/Technology
Western Scientific, Inc
[EMAIL PROTECTED]
http://www.wsm.com
5444 Napa Street - San Diego, CA 92110
Tel 800.443.6699 +001.619.220.6580
Fax +001.619.220.6590
"Braccae tuae aperiuntur"
_______________________________________________
FDE mailing list
[email protected]
http://www.xml-dev.com/mailman/listinfo/fde
