You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2012-04-04 11:57:22
- Dieter@be
- Forum Fellow
- From: Belgium
- Registered: 2006-11-05
- Posts: 2,001
- Website
intel ssd 320 AES encryption
I have a new lenovo thinkpad t420s with an intel 320 SSD 160GB.
To my suprise, I found out the SSD supports on-the-fly hardware AES encryption.
In fact, it seems to be enabled by default (with a factory random generated 128bit key), although it obviously only makes sense if the key is protected with a password.
And that password is a so called "ata drive password", which can be configured in the lenovo bios.
This sounds neat so I started looking further into it. It could simplify my disk layout (no more luks/dm_crypt)
Only I found out that the ata password is not stored securely and seems you can bypass it anyway. 
back to dm_crypt...
See
marketing talk: http://www.intel.com/content/www/us/en/ … brief.html
tech talk: http://communities.intel.com/thread/205 … 5&tstart=0
< Daenyth> and he works prolifically
4 8 15 16 23 42
Offline
#2 2012-04-04 14:59:25
- Wilco
- Member
- Registered: 2008-11-09
- Posts: 440
Re: intel ssd 320 AES encryption
That's too bad. In my experience most hardware that should be encrypted is easily circumvented by just taking out the harddrive and plug it in another linux computer.
Offline
#3 2012-04-04 16:42:56
- Gcool
- Member
- Registered: 2011-08-16
- Posts: 1,456
Re: intel ssd 320 AES encryption
Unfortunately (and proven here once again), the multitude of "highly secure storage media" offers little to no added value when it comes to actual security. Marketing is what it's all about.
Burninate!
Offline
Pages: 1