Disk Manufacturers Settle on Encryption Standard
Disk drive manufacturers of the world, unite!
According to Computer World, the six biggest disk drive companies on the planet have put their heads together and agreed upon a set of encryption standards, which will eventually make their way onto every hard drive and solid state drive on the market. The Trusted Computing Group (TCG), which includes Seagate, Western Digital, Hitachi and Toshiba as some of its storage members, has released details on three encryption standards which cover desktop, laptop and enterprise storage drives.
The three specifications introduced by the group today each target a different segment of the hard drive industry. The Opal specification gives requirements for hard drives used in desktops and laptops. The Enterprise Security Subsystem Class specification focuses on enterprise hard drives, which are typically found in data centers. The last standard, or Storage Interface Interactions specification, focuses on the connection types, including Parallel ATA, Serial ATA, SCSI and ATAPI.
“Lost and stolen data costs industry and consumers hundreds of millions of dollars, not to mention loss of credibility, legal issues and lost productivity," said Robert Thibadeau, chief technologist at Seagate and chairman of TCG's Storage workgroup. "TCG’s approach to Trusted Storage gives vendors and users a transparent way to fully encrypt data in hardware without affecting performance so that data is safe no matter what happens to the drive.”
With universal encryption standards, end-user security is now already in place. If Joe Q. Consumer buys a new internal hard drive at retail, or an IT department is refitting its servers with new enterprise drives, the security is already there, making their lives and jobs a lot easier, as well as potentially saving them money.
According to the statement released by the TCG, over 250 million records have been lost and/or stolen since 2005. With these new universal specifications, perhaps that number will be drastically reduced over the next several years.
You can find the TCG's statement in its entirety here.
- Eager Fan Campaigns for Windows 7 Release Now
- Stanford Prof. is Nvidia's New Chief Scientist
- Super Talent's New SSD Upgrade for Asus Eee PC
- Sony Files for Touchscreen Printer Patent
- IBM Settles, Papermaster is Apple-bound
- PC Gaming Roundup - January 28, 2009
- Fujitsu Ditching Hard Drive Business
- MSI's New Gaming Notebook Revealed
- SSDs Get Ready for a Late 2009 Boost
- Graphics Cards Shipments Way Down in Q4 2008
- PC Gaming Roundup - January 30, 2009
- Intel to Reveal Eight-Core Xeon Next Month
- Samsung Develops 4Gb DDR3 for 32GB RDIMMs
- AOL to Layoff 10 Percent in 2009
- Phenom II X4 3.6GHz and RV740 This Year?
- Verizon Offers $200 Rebate on Sony's Vaio P
- Intel Files $50M Suit Against Insurance Company
- Microsoft: No Additional Windows 7 Public Betas
Trusted Computing Group - the ultimate in DRM:
http://en.wikipedia.org/wiki/Trusted_Computing_Group
This is pathetically unspecific. What kind of encryption did they decide on, a Caesar shift cipher or AES256?
Maybe it uses a Rotating Clear Text.
We can make harddrive password mandatory during boot up, to access the content of harddrive.
If we dont know the password, then we need to re-format the harddrive.
So the control is actually at bios level by using hardware, not software.
This is pathetically unspecific. What kind of encryption did they decide on, a Caesar shift cipher or AES256?
This is a news post, so the details were few for a reason. Check out the statement (PDF) @ the bottom of the post.
-Devin
Hail Caeser!
Maybe this is just the cynic in me, but by creating a standard, on the other side of the blade, does that not also mean that once someone figures out a workaround/crack for the encryption, they can just dance from machine to machine and open them all up with the same method?
Yeah slap-0, but this way the cops have a standardized backdoor.
slapdashzero: are you striving for security through interoperability? So far, having Windows, Linux, Unix, and MacOs hasn't stopped virii from being developed for all the OSs. Sure, Windows is a bigger target, and thus affects more people, but that's Microsofts fault for lax security development, not because its OS is nearly ubiquitous.
Hopefully by working together, there will be a single, stronger encryption rather than 6 weaker ones that require your company to purchase 6 different types of software, or only purchase from a single harddrive manufacturer.
@anonymous_1
ever hear of resetting the bios. password gone. access granted. the only way to prevent it is custom bios w/ a password build in and a requirement on password at the bios level. good luck getting custom bios written.
also, remove drive, put in other box, bios totally removed from the equation.
Physical access means i have broken your security, in time, i WILL brute force you. current encryption standards wont hold up, that's why we keep making new standards.
There is true-crypt... sounds like it can do boot-ups with whole-disk encryption so if you do pop it in another box you can't do anything without the password...