Re: self-encrypting drives (SED)

To: debian-user@lists.debian.org
Subject: Re: self-encrypting drives (SED)
From: Pascal Hambourg <pascal@plouf.fr.eu.org>
Date: Sat, 21 Nov 2015 20:11:28 +0100
Message-id: <[🔎] 5650C1E0.30907@plouf.fr.eu.org>
In-reply-to: <[🔎] 565074A4.8040706@affinityvision.com.au>
References: <[🔎] 564FDDF6.6010805@holgerdanske.com> <[🔎] 5650368F.5000500@plouf.fr.eu.org> <[🔎] 565074A4.8040706@affinityvision.com.au>

Andrew McGlashan a écrit :
> 
> On 21/11/2015 8:17 PM, Pascal Hambourg wrote:
>> David Christensen a écrit :
>>> As I understand it, self-encrypting drives (SED) encrypt everything
>>> (including the boot partition).  To use this feature, you need a 
>>> computer with BIOS/ UEFI that supports it -- e.g. the BIOS will prompt 
>>> you for the password during POST; if you don't enter the correct 
>>> password, the drive remains locked and its contents are inaccessible; 
>>> doing a secure erase will wipe the contents and then unlock the drive:
>>
>> Assuming the vendor firmware has no backdoor or flaw allowing to bypass
>> the user-defined password.
> 
> Ditto for the drive's own firmware. ;-)

That's what I was referring to as "vendor firmware". The disk vendor, or
course. What else ?

Reply to:

Follow-Ups:
- Re: self-encrypting drives (SED)
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>

References:
- self-encrypting drives (SED)
  - From: David Christensen <dpchrist@holgerdanske.com>
- Re: self-encrypting drives (SED)
  - From: Pascal Hambourg <pascal@plouf.fr.eu.org>
- Re: self-encrypting drives (SED)
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>

Prev by Date: Re: LVM info - OTHER than HOWTO's
Next by Date: Re: self-encrypting drives (SED)
Previous by thread: Re: self-encrypting drives (SED)
Next by thread: Re: self-encrypting drives (SED)
Index(es):
- Date
- Thread