There are certain Seagate Momentus disks that do AES encryption in
hardware. This means that they use an AES key to encrypt the data, and
you need a ("BIOS"-)password to unlock this key at boot. So whenever you
change the password, it's just that - the AES key stays the same. You
that's how all "FDE" drives work. Already a problem as only BIOS can activate password, there are no command line tool.
And no idea how would it work if more than one disk with FDE is installed on system.
Yes and no. Again, what threat are you looking at. If your adversary can
get physical access to your machine ("evil maid attack"), he can
install a root kit or key logger - which would defeat any software
no concern on "evil maid" really.But simple theft from outside is definitely possible, and DID happened long in the past in spite of some control.
Possibility of theft done for data, not machine is very likely.So lets narrow question - can such thief, with help of some kind of specialist - recover data from FDE encrypted drive without password?
to install a boot-time key logger you would need to get here twice, once to shutdown server and install keylogger (which cannot be unnoticed!!!) and second time to actually steal it.checking out that unencrypted part didn't change after unplanned reboot is good idea. thanks!
