Jeff, Sorry for the delay in response. Theoretically you are correct; indeed we have been able to authenticate to a dual boot machine (Linux/Windows). But the management software runs on Windows. So it would be relatively easy for us to commercialize a Linux version if there was market demand. Adaption to OSX is also quite possible and we have already tested it in our labs. So if there is market demand, we can meet it. Regards, Michael ________________________ Michael Jardine SECUDE IT Security - Seattle -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeff Johnson Sent: Monday, September 10, 2007 12:26 PM To: [email protected] Subject: Re: [FDE] Seagate FDE and SECUDE software Michael Jardine wrote: > Message: 1 > Date: Sun, 9 Sep 2007 10:32:19 -0700 > From: "Michael Jardine" <[EMAIL PROTECTED]> > Subject: Re: [FDE] Seagate FDE and SECUDE software > To: <[email protected]> > Message-ID: <[EMAIL PROTECTED]@usa.secude.com> > Content-Type: text/plain; charset="us-ascii" > > Zac, > > A BIOS-based password can be cracked within minutes using brute force > software you can download from the internet. This is partly related to the > way the password is stored and used in BIOS. Instead, our management > software uses a hardened Linux pre-boot authentication and the password is > stored in an area that is inaccessible to anyone. No back doors, and > certainly no open Windows (bad pun, I admit). In addition, we offer many > other functions for the single-user. These include single sign-on to > Windows, Password recovery, multi-user support, and automatic e-update. We > also enable instant cryptographic erase of the drive. To my knowledge, ours > is the only software that manages the Seagate FDE drives while protecting > your computer during both sleep mode and hibernation mode. > An upcoming version of our single-user product (which we also > recommend for SMB's) will feature multi-factor authentication as well as > offline key recovery. Our enterprise version offers centralized > administrative capabilities and although it easily scales out (our largest > customer has 70,000 seats), it can just as easily be used by an 'enterprise' > of 3~5 people. > Perhaps the most important advantage is that our solution works on > virtually any PC. If your PC has a Seagate Momentus FDE.2 or FDE.4 drive, > it will automatically recognize that and activate the drive. If your PC has > a standard drive, it will default to software-based FDE. (Our product was > rated 5 stars out of 5 for Performance by SC Magazine). In this way, you > can blanket your entire laptop systems in one go without having to phase > according to your budgeted refresh cycle. > And yes, our software works on machines with TPM but in this case the > chip is on the hard drive and the keys are stored there. There are arguments > that this is actually more secure than TPM but that conversation is above my > level of technical knowledge. In the end it becomes a choice as to where > you want to store the various keys that are needed. As a member of TCG, our > goal is to offer choices that suit all users. > > I hope this wasn't too long-winded! > > http://www.secude.com/finallysecure > > > > Regards, > Michael > Michael, If Secude uses a hardened linux pre-boot environment, can it be used exclusively with Linux as the host operating system? The Secude website says "Windows XP Service Pack 2" for supported OS. I would think if the hardened Linux PBE could launch Windows it could launch Linux as well, or any X86 based operating system reliant on the same BIOS boot device (0x80, 0x81) pointers (BSD, Windows, Linux, etc). Also, another user mentioned MacBook Pro. Adoption of the Intel based Macbook products is growing fast, it is a great laptop. Any solution for the Macbook EFI environment? --Jeff -- Best Regards, Jeff Johnson Vice President Engineering/Technology Western Scientific, Inc [EMAIL PROTECTED] http://www.wsm.com 5444 Napa Street - San Diego, CA 92110 Tel 800.443.6699 +001.619.220.6580 Fax +001.619.220.6590 "Braccae tuae aperiuntur" _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
_______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
