Le 20/07/2012 11:12, Wojciech Puchar a écrit : > Many today SSD and some magnetic disks have AES-128/256 encryption > builtin. > > If BIOS supports it, it ask for password then send it to hard disk > after which it decodes it's AES key so it start to work. > > No software crypto overhead, everything fine. > > My question - how secure it really is. > > One extremity is to assume it is certainly well done. > Another - that there are encryption at all, just simple password check. > > Both are possible as there is no way to check. > > I want your opinions. Software encryption would make quite a bit > overhead for my setup. > >
As your disk is probably not 'open source' (?), you don't know if there is a really encryption, or if there is a secret password (as for some bios) that permits to access data. If I was you, I would prefer to use a software-based encryption (luks, softraid, ...), even if it has some disadvantages. Keep in memory that, whatever you do, if a guy has money and WANTS your data, he can get these. So, as long as you're not a terrorist, I think you can sleep quietly without take care of the CIA spy under your bed. But if you are, this spy just has to obtain the encryption method (or the global password, if there is) by giving $$ to the manufacturer of your disk, and then crack it. Some of the books I have are very funny at this point... I think that as long as it's not open source it's unsecure. This is me, and I could be wrong. In all cases, encrypt disk is more secure than not to encrypt disk. Maxime
