Re: Can you keep a secret? This encrypted drive can...
Adam Shostack wrote: > Just a nit: as I understand things, Bitlocker is available, but not > on, by default. Someone needs to actively flip a switch to make it > go. Ah, okay. The notes I jotted down from MacIver's talk at HITB in Malaysia indicate he said it was on by default in the upper versions, but I could well have written it down incorrectly. Thanks for the correction. -- Ivan Krstić <[EMAIL PROTECTED]> | GPG: 0x147C722D - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Can you keep a secret? This encrypted drive can...
On Tue, Oct 31, 2006 at 06:50:20PM -0500, Ivan Krsti?? wrote: | On the other hand, Vista is shipping with BitLocker enabled by default | in the upper editions (Enterprise or somesuch), and doesn't rely on Just a nit: as I understand things, Bitlocker is available, but not on, by default. Someone needs to actively flip a switch to make it go. Adam (Speaking for me.) - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Can you keep a secret? This encrypted drive can...
Well for one thing, any software based FDE is extremely slow, doubles the file access times, and is a serious drain on the laptop battery. See the URL below for a software based FDE benchmark/analysis: http://www.xml-dev.com/blog/index.php?action=viewtopic&id=250 What if the encryption key for the Seagate's HDD can be managed using TPM, i.e. wrapped, bound and stored on the TPM. The user will just have to authenticate to the TPM, using a Token or a static password, then the FDE encryption key will be available to the HDD Will this solve the problem? saqib http://www.full-disk-encryption.net - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]