1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Lock down your hard drives with Vista

Discussion in 'Article Discussion' started by WilHarris, 26 Apr 2006.

  1. Kipman725

    Kipman725 When did I get a custom title!?!

    Joined:
    1 Nov 2004
    Posts:
    1,753
    Likes Received:
    0
    This is stupid when open source programs allow you to encrypt entire drives and volumes inside drives with harder to break encryption. I guess this is just an M$ attempt to stop duel booting linux...

    as for "trusted" computing, I have hated the idea since it was call paladium and will continue to hate and refuse to financialy support it.
     
  2. Kipman725

    Kipman725 When did I get a custom title!?!

    Joined:
    1 Nov 2004
    Posts:
    1,753
    Likes Received:
    0
    mine :D seriously theres no way anyone this decade (bar any super advance in encryption can get into my secured data). This freaks the govenment out as they no longer have the ability to pry into everything like they have become acustomed to. In america the govenment has gone as far as banning the use and creation of encryption that they cannot break... so I guess this M$ software will have crap encryption. If it's designed for biusinuss they should be destroying HD's anyway...
     
  3. mclean007

    mclean007 Officious Bystander

    Joined:
    22 May 2003
    Posts:
    2,035
    Likes Received:
    15
    Erm...good point. You could do exactly what -xp- suggests.

    I guess you might have to pull the drive to circumvent a BIOS password. Or if the lappy didn't have an optical drive, or was set not to boot from CD (and the BIOS was locked down).
     
  4. Kaze22

    Kaze22 New Member

    Joined:
    3 Dec 2005
    Posts:
    419
    Likes Received:
    0
    On a laptop you'll still need the bios password, and the login encryption. If you install a new OS on the drive using an seperate PC you lose the data on it, the new OS won't see the data on the old partition as it's encrypted.
    If you wanna use the Lappy you still need to bios pass, it's just now you won't have access to the HDD data.
     
  5. Firehed

    Firehed Why not? I own a domain to match.

    Joined:
    15 Feb 2004
    Posts:
    12,574
    Likes Received:
    16
    No, you can format the disk, you just can't pull any data off of it beforehand.

    If I want my data gone, I'll use dban. Till then, the ACLU is my friend.

    mclean007 - probably every single one made in the last five years, if not more. The TC modules ("fritz chips") have been in processors or motherboards (I'm pretty sure they're in the proc and not the mobo, contrary to the article) just sitting idle for quite some time. Some newer business laptops already use them, though not quite for this purpose.
     
  6. yahooadam

    yahooadam <span style="color:#f00;font-weight:bold">Ultra cs

    Joined:
    21 Mar 2006
    Posts:
    1,323
    Likes Received:
    0
    if you set an administrator password you need to enter it before you can access data from the HDD (well theres some way of locking the HDD w/o p/w)
    So its not neccasarily as easy as using the xp cd

    if you could use knoppix or somthing with it, your shouldnt have any problems tho
     
  7. FIBRE+

    FIBRE+ Active Member

    Joined:
    27 Feb 2005
    Posts:
    1,597
    Likes Received:
    11
    Well if they use this across all versions of Vista (which i doubt) it will probably just be another reason for people to carry on using a "funny" copy of Windows. I really dont want all this extra crap causing more hassle than its worth.

    It will be useless on a lot of peoples machines anyway (unless the HDD and pc are separated), most people dont bother passwording there pc or they use something too obvious. Or like most of my mates don't bother passwording the administrator account as they use another, so in that case you just use ye old safe mode trick :p
     
  8. Guest-16

    Guest-16 Guest

    Well, what's stopping people quick formatting them, then getting at the data afterwards? Is the actual data scrambled or is it just the data address? Cause if the whole lot is scrambled wouldnt that take a whole lot more disk space and computational time?
     
  9. Dr. Strangelove

    Dr. Strangelove New Member

    Joined:
    13 Mar 2005
    Posts:
    345
    Likes Received:
    1
    That is a very good point!

    I once saw a product which kept the encryption keys on a USB key, that way (if you remembered to remove your USB key) the government or any other thief could steal the whole PC without being able to immediately decrypting the disk. As far as I remeber it encrypted the whole lot and worked by being put between the disk and the MB.

    But I have to agree with the most of you, if someone wants your data they will get it no matter how well encrypted it is. Burn the HD and the data will be safe... I think :worried:
     
  10. Atomic

    Atomic Gerwaff

    Joined:
    6 May 2002
    Posts:
    9,646
    Likes Received:
    94
    When I saw the title I thought of...

    (THE STREETS - Has It Come To This)

    :hehe:
     
  11. konsta

    konsta New Member

    Joined:
    2 Jul 2005
    Posts:
    95
    Likes Received:
    0
    A few people seem to be missing the point somewhat:
    This technology is of very limited use at all for the home user wishing to protect themselves from the government. A backdoor wouldn't even be very interesting to the government.

    The idea of the technology is to allow business users to throw away hard disks without the fear that someone can pick them out of the dustbin, and read private records.

    If the authorities wish to swoop on a paedophile, then they will certainly remove his entire computer, motherboard, encryption chip and all. They will have no problem at all accessing the data so long as the hard drive is still in the computer.

    No home user is ever going to want this software: if thieves take the computer, they will be taking the whole thing and be able to access your data so long as they can log in without reformatting. What it would mean in practice to the likes of us, is that we wouldn't be able to take a hard drive to a friend's house to swap data, or upgrade our motherboards with ease.

    So in short: I don't see any problem with this feature from the point of criminal activity/national security; it is merely a useful business orientated feature.
     
  12. TGImages

    TGImages Grandpa

    Joined:
    11 Aug 2004
    Posts:
    161
    Likes Received:
    1
    I think the arguement here is what happens to the hard drive if it's separated from the mobo. If the police are swooping in just take a hammer to the mobo and your hard drive is essentially useless.... however....

    What is it on the mobo that does this encryption? A random key? or a fixed key? Would not the mobo/chipset manufacturers know what chips they've sold? Could they not create a second identical chip, drop it in a mobo and have a second "key" to your HD? If so then law enforcement just calls up mobo manufacturer and gives them the serial number of the mobo... they look it up, burn a new chip and send the board to the law who then views your hard drive.

    I'm GUESSing at this as a possibility and would be happy to read more on how this will be implemented if anyone can provide a URL with more details.

    Thanks
    -Gary
     
  13. zr_ox

    zr_ox Whooolapoook

    Joined:
    5 Jan 2005
    Posts:
    1,143
    Likes Received:
    0
    Admittedly...this is not for everyone, I'm sure you will be able to control this from the bios.

    As for 128-256 bit AES encryption being unbreakable...no! We set up a Wireless network and brute foreced our way in with an 800Mhz laptop running Win2K in 8 minutes.

    If you can create it...you can break it!
     
  14. KryoNexus

    KryoNexus New Member

    Joined:
    21 Jan 2004
    Posts:
    122
    Likes Received:
    0
    well first off, breaking encryption on WiFi is trivial because of the way in which it is transmitted. that is completely different than enryption of a wired device.

    second, this is outstanding for the govt and large enterprise sector. many govt agencies have stockpiles of hard drives waiting to be destroyed. this costs enormous amounts of money. for one, govt computers are generally leased, which means they go back to the manufacturer at EOL. this mostly applies to servers. by adding hardware level encryption, the govt can just toss the hard drives in the trash or arrange to have them shipped back to the manufacturer separate from the server itself.

    as far as the consumer side, it's really an unneeded option, particularly since the consumer will upgrade hardware as opposed to just upgrading the entire computer. this brings me to my last point.

    this means absolutely nothing for laptops. the VAST majority of people do not put BIOS passwords on their laptops. even if they do, pulling the CMOS battery is generally not much more difficult than on a desktop. despite all of this, all you need is a copy of NT Crack and 5 minutes of your spare time to unlock an Admin account.
     
  15. metarinka

    metarinka New Member

    Joined:
    9 Feb 2003
    Posts:
    1,844
    Likes Received:
    3
    yah, this doesn't seem to be aimed towards the home market at all. encryption either falls into 2 categories, any script kiddy with 10 mins could crack it (windows xp pass)
    or if you misplace your randomly encrypted 256-bit key card, it might be hackable but no one cares enough to try.

    this definately isn't for the home market as it sounds like changing the mobo could kill it. Also think this will have any impact on Raid Arrays? as in if you need to replace a disk or raid controller, you get screwed over?

    and never forget about other forms of password cracking, key logging and just physically spying on it being the easiest
     
  16. Forsaken

    Forsaken GameFaction.com

    Joined:
    27 Mar 2001
    Posts:
    673
    Likes Received:
    0
    unless i have missed anyone saying this allready, encrypted hard disks are only as useful as the password on the user accounts.

    PC 1) None-encrypted HDD, no/Weak Windows password - easy access to data.

    PC 2) None-encrypted HDD, Strong Passwords - drop the drive into another box or boot off a live CD, snag the Password hash's from Reg, brute force them or stick them into rtcrack with pre formed tables, bang theres your data - just takes a while longer than example 1.

    PC 3) Encrypted HDD, strong passwords - how do you snag the hash's to crack now ?
     
  17. specofdust

    specofdust Banned

    Joined:
    26 Feb 2005
    Posts:
    9,568
    Likes Received:
    168
    That's absolute tosh and he knows it. There are quite a few encryption methods that are utterly uncrackable unless you know the right string, or method for decoding them. You could brute force them, but the data would be mangled into uselessness.

    Anyway, this is a feature of Vista that I hope is promptly worked around, or stopped. I'll be happy to flash any "trusted" chip on my motherboard that has this stuff on it.

    This is true, but the important word is break, if the right encryption is used then thats exactly what you do, you break it, you don't decode it. While microsoft may be talking about the massive majority of basic or poorly implemented encryption methods in the world, there are some, if correctly set up, that will never, ever be decoded by brute force.
     
  18. Cthippo

    Cthippo Can't mod my way out of a paper bag

    Joined:
    7 Aug 2005
    Posts:
    6,783
    Likes Received:
    101
    So, um, what happens when your Mobo borks? :worried:
     
Tags: Add Tags

Share This Page