Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Data Storage Encryption Security Hardware

Seagate Ships World's Most Secure Hard Drive 148

An anonymous reader writes to let us know that after two years Seagate is finally shipping its full-disk encryption product, and you can get your hands on it in a laptop from system vendor ASI.
This discussion has been archived. No new comments can be posted.

Seagate Ships World's Most Secure Hard Drive

Comments Filter:
  • by tomstdenis ( 446163 ) <tomstdenis.gmail@com> on Monday March 12, 2007 @10:06AM (#18316695) Homepage
    worlds stupidest user with passwords like 'password' :-)

    Also how are they using AES? I thought P1619 (XTS-AES) is still a draft. Are they betting it will get adopted unchanged? Or are they using some other thing? Please tell me it's not AES in ECB mode...

    Tom
    • Re: (Score:3, Informative)

      by archen ( 447353 )
      Actually it appears that it is using a CBC, there appears to be a middle layer that arbitrarily partitions sections that are encrypted and decrypted on the fly. I was pretty skeptical the last time this was mentioned on slashdot, but I have to admit this actually looks like a promising product. I'll wait for some more skillful security experts to evaluate it first, but I'm certainly keeping an open mind on it.
      • But CBC requires IVs. Are they using up sectors to store them?

        The whole idea of XTS is that you can get privacy without extra storage.

        Tom
      • Re: (Score:3, Interesting)

        by Loconut1389 ( 455297 )
        I wonder what sector corruption does in CBC mode then? Lose more of the drive? Or have the used some overhead for extra forward error correction?
        • by cortana ( 588495 )
          You lose the rest of the encrypted block, not the whole drive (I think).
          • Re: (Score:3, Informative)

            by J'raxis ( 248192 )

            This is how Linux's crypto-loop works. The CBC is run across only individual 512-byte blocks of the disk. I think they use the sector number as an IV.

        • by this great guy ( 922511 ) on Monday March 12, 2007 @11:34AM (#18317819)
          Most good hard disk encryption technologies behave in way that if a single bit is flipped in an encrypted sector, then the whole decrypted sector becomes corrupted (and others sectors around this one are not affected). This sort of behavior is desired and help prevent content leak attacks.

          For example, Loop-AES behaves like this in multi-key-v3 mode where CBC is used with an IV computed from a secret key, the sector number, and plaintext blocks [1..n-1] in the sector. This is also how Microsoft Bitlocker behaves because they combine CBC with the Elephant diffuser. When CBC is not used, this property can be achieved using LRW or XEX, or wide-block encryption.

    • by twitter ( 104583 ) on Monday March 12, 2007 @11:36AM (#18317843) Homepage Journal

      worlds stupidest user with passwords like 'password' :-)

      That's a joke, but some people really think that way. Blaming "stupid users" makes them feel more secure or helps them pass the buck for choosing systems with poor security. When you think about it, it's not very funny.

      Passive encryption might be a step in the right direction, but I won't trust it as long as the software doing has owners and secrets kept from users. They can point to specs and tell me what they are doing, but that does not mean they are doing that. The owners can break in at will, the keys can be padded with zeros and finally, the owners can make mistakes.

      • A system can have outstanding security and still not compensate for stupid users and social engineering (The two often go hand in hand). The data is held on a password protected disk on a machine which requires a smartcard to log in, and the whole thing is locked within a steel vault buried underground and the only access is through a blast door which relies on retina scans to open.

        What part of that can't be bypassed by somebody giving away what they know/have (Because their friend forgot theirs and really
    • Re: (Score:3, Interesting)

      by simm1701 ( 835424 )
      actually using something as trivial as password (or passw0rd since many things refuse password when setting one) is not always a bad thing

      Take all these shops that you have to sign up with before buying something, all they store is your address, your email address, your email and on rare occasions order history (the ones that also store credit cards are a different matter but those are less common and I'm not talking about those here)

      Why should I use one of my more secure passwords? I dont like to change pa
      • Well for one ... Your credit card info might be stored even if you told it not to ... then the person who guessed your ultra secure password of 'password' can go to your profile and get that info on some sites...some its obscured. Or better yet, even if the credit card is obscured, maybe they can order something and send it to the abandoned house down the street from them. Getting caught for mail fraud might slow them down, but the possibility of getting a shiny new computer at the expense of your lazines
  • Hacked in 3....2....1

    gasmonso http://religiousfreaks.com/ [religiousfreaks.com]
    • Re: (Score:3, Informative)

      by pv2b ( 231846 )
      There's a funamental difference here.

      Most DRM hinges on the fact that the content must stay readable, in however limited a sense. In other words, you're giving the encrypted content to the attacker, who also has to have the key in order to use it. The attacker and the intended recipient are the same person.

      When you take away that requirement, encryption actually becomes workable.
  • Worlds most secure? (Score:2, Interesting)

    by stratjakt ( 596332 )
    What makes this the most secure?

    Is this really any more secure than dm-crypt? Faster, no doubt, but more secure?
    • Re: (Score:3, Informative)

      by Nutria ( 679911 )
      What makes this the most secure?

      Because it's the only (publicly available) HDD with *cryption functions built into the circuitry.

      Is this really any more secure than dm-crypt? Faster, no doubt, but more secure?

      Probably not. But simpler for users/admins to put out in the field.

      But closed-source, so we really don't know how well it was implemented.

      • I guess I still don't get it -- tell me again why doing this in the HDD circuitry is useful?

        I mean, we still do software RAID, and find it pretty useful -- and it's at the point where there's plenty of "fakeraid" out there to deal with Windows' lack of good (cheap) RAID tools. So, why not just implement something similar -- BIOS crypto? That would make it easy enough, without actually having to put more circuitry on the drive.

        For that matter, it seems to me like it would make much more sense to have a gener
        • by Nutria ( 679911 )
          I guess I still don't get it -- tell me again why doing this in the HDD circuitry is useful?

          Because that way the algorithm that *crypts the data always stays with it. If it were BIOS crypto, what happens when Phoenix uses AES and AMI uses Blowfish?

          For that matter, it seems to me like it would make much more sense to have a generic hardware crypto device, so you can use it for other things

          Single-use means: easier to implement and disseminate.

          • If it were BIOS crypto, what happens when Phoenix uses AES and AMI uses Blowfish?

            That's what standards are for, and AES is the standard. Or they could do what HD-DVD/Blu-Ray does and pick a few, and declare that those are possible standards.

            • by Nutria ( 679911 )
              Or they could do what HD-DVD/Blu-Ray does and pick a few, and declare that those are possible standards.

              And if, for "competitive advantage", Phoenix & AMI choose different standards?

              • Worst case, you write a software utility to duplicate the BIOS support. While on the livecd, you have normal access to the disk (via dm-crypt, say), no matter what standard they're in. If you have to set it up to be accessed by OSes which can't or won't implement that crypto, you can convert it to the local scheme on the fly, even in place -- risky, but doable, as pretty much all our ciphers now are 1:1 as far as size goes. Read block, decrypt, encrypt to the new scheme, write block back out over original,
  • by Anonymous Coward
    The article mentions how its on a 3GB/s SATA interface, but that the disk is 5400 RPM. Why bother with the high speed sata? Why not save $$ and put either a PATA or SATA 1 controller? You'll never get even close to 3GB/s- much like you can't get that fast with desktop drives either.
    • Re: (Score:2, Insightful)

      by lukas84 ( 912874 )
      Because by now, a 3GB SATA controller is cheaper than a PATA controller.

      Supply & Demand.
    • by MightyYar ( 622222 ) on Monday March 12, 2007 @10:32AM (#18317061)
      Wild speculation here, but it could be one or more of the following:
      • They sell a lot of drives with a lot of different speeds. It might be cheaper for them to standardize on a few chipsets then to buy different chips and have different designs based on the drive's capability.
      • For marketing reasons, they may have decided to always have the latest-and-greatest buzzword on the box of all of their new products.
      • A major customer asked them to use this interface.
      In all, not the strangest decision I've come upon today.
    • Well, I'm assuming there is a microchip on the drive itself that does the encryption/decryption. I'm guessing there may be a lag between reading the data off the drive and sending it back to the computer via the SATA bus, so giving the highest possible burst speed I can see being an advantage here. More so than a standard 5400 RPM SATA drive that would only have to handle reading and writing, anyway.
    • by TopSpin ( 753 ) *
      Why not save $$ and put either a PATA or SATA 1 controller?

      What, precisely, makes you think also supplying PATA or an older SATA device would be cheaper? Perhaps it is cheaper for a manufacturer to not bother with multiple different SATAs, or fiddly, obsolete parallel buses and simply adopt one device across the board. In terms of R&D, supply chain, manufacturing and QA it is rather easy to imagine that obviating older standards is actually cheaper, but I don't know, because I don't manufacture millio
    • by myrdred ( 597891 )
      Hard drives have caches which can max the bus interface, since they operate at RAM speeds, and not disk speeds. So whenever you get cache hits, you can expect your data to go through the full 3GB/s.
    • Why 3Gb/S to a 5400RPM drive? Easy, the 3Gb/S interface does not connect to the drive. It connects to a huge RAM cache. The cache is fast enough to accept data at a high rate. High peek speeds are useful and it likely adds little or no additional cost to the product. For some uses average sustained speed matters but for many more peek speed matters.
    • Well, PATA is right out for me. SATA has hotplugging and much nicer connectors. As for 3G vs 1, I'll leave that to others to answer.
      • You're definitely not going to be hot-plugging your notebook hard drive.

        Except in rare cases, you're not likely to replace the drive more than once or twice in the lifetime of the notebook, so the "nicer connectors" mean very, very little.
        • Unless there's a downside, why wouldn't you? And I can definitely think of one reason:

          Suppose someone comes to me with a "dead" notebook hard drive. If the notebook won't boot enough for me to run a livecd, or if it doesn't even have a cdrom drive, I could still open it up, grab the SATA drive, and plug it into my desktop to test it there. Much more convenient with things like the Powerbook's FireWire target mode, but you get this one for free.
          • Ugh. Of course I mean, much LESS convenient than FireWire target mode...
          • Unless there's a downside,

            Extra cost for the chips, connectors, etc. Likely higher power requirements. The need to change your production line for the new interface. etc. etc.

            I could still open it up, grab the SATA drive, and plug it into my desktop to test it there.

            You can do exactly the same with PATA, just about as easily. I've done so many, many times.

            Unless you're doing this several times every day, the difference in connectors makes a trivially small difference.

            • Extra cost for the chips, connectors, etc. Likely higher power requirements. The need to change your production line for the new interface. etc. etc.

              Connectors are smaller and probably cheaper. Chips are likely cheaper, considering they've already changed their production line for a new interface anyway. And why don't you come back when you know for sure it's higher power requirements? I bet it's not.

              You can do exactly the same with PATA, just about as easily.

              My PATA doesn't support hotplugging.

              the diff

              • Connectors are smaller and probably cheaper.

                Why don't you come back when you know for sure it's cheaper? I bet it's not.

                My PATA doesn't support hotplugging.

                If you have the right software, any PATA chipset can handle hot swapping. If not, ATA controllers that do are cheap. USB/Firewire converters are quite cheap. etc.

                Besides, you absolutely do not need hot-swapping. It's an added convenience which, as I've said, is only significant if you're working with them constantly.

                If you look online, prices for SAT

    • You'll never get even close to 3GB/s- much like you can't get that fast with desktop drives either.

      You just answered your own question.

      The switch to SATA has only a small bit to do with sustained throughput. Other issues are paramount.

      Burst transfer, for instance, can be as fast as whatever bus you're using, and with notebooks typically having a larger HDD cache, that could be significant.

      More than that, SATA features, like NCQ, which have long speed-up the performance of SCSI drives before they even reac

  • Backdoored? (Score:5, Interesting)

    by J'raxis ( 248192 ) on Monday March 12, 2007 @10:12AM (#18316789) Homepage

    Who knows what this thing is doing inside? They're using AES-128 so you may not have to worry about the encryption algo being unsecure, but who's to say this thing isn't caching the password in some place you don't know about (but that the manufacturer and your country's authorities do)?

    • If they are, the first court case and it would be game over, cat out of the bag, and Seagate's product would be dead in the water with 5000 inpending lawsuits against them.
      • by J'raxis ( 248192 )

        Yes, if the government tried to prosecute someone for something discovered through this technique, it would be entered into evidence in a court proceeding and become public knowledge. But the government has more ways of going after people than through an open courtroom. For example, if they were using a backdoor in one of these drives for intelligence gathering, data gleaned from such would never make its way into a courtroom, and could still be used against someone in a variety of ways. I can't find the st

  • What's the OS compatibility/driver outlook for this new type of drive?
  • Oh Goody! (Score:5, Insightful)

    by LibertineR ( 591918 ) on Monday March 12, 2007 @10:17AM (#18316859)
    According to Seagate, any US company that loses a laptop using the Seagate drive in conjunction with the launch security management system from Wave Systems, will not have to give public notification of the loss, even if the data is of a highly confidential nature. This alone guarantees that the technology will find a market given the increasingly costly and embarrassing repercussions of laptop thefts.

    Who cares if this gets cracked by Tuesday, bitches?

    The selling point is that the banks wont have to tell you when Bubba leaves his laptop on the CAL TRAIN with your credit card data in standby mode, cause its encrypted!

    I feel so safe!

    • by Kjella ( 173770 )
      Next step - find out what the minimum passwords requirements are. With a password you're likely to type in every time the laptop boots, you can bet it'll be as simple as possible. For example, if it's 8 latters, must include capital and number, you can almost bet it'll be XxxxxxxN for a whooping 36 bits of security. Almost nobody bothers to type in a password to match the AES strength with any regularity...
      • Re: (Score:3, Informative)

        by Nutria ( 679911 )
        Next step - find out what the minimum passwords requirements are. With a password you're likely to type in every time the laptop boots, you can bet it'll be as simple as possible. For example, if it's 8 latters, must include capital and number, you can almost bet it'll be XxxxxxxN for a whooping 36 bits of security. Almost nobody bothers to type in a password to match the AES strength with any regularity...

        Don't be so sure.

        I had to install PGP Desktop and encrypt my laptop's HDD, and when it asked me for th
        • 18 characters with varying case throughout? At that point I'd have to write it on a post-it.
          • by Nutria ( 679911 )
            18 characters with varying case throughout? At that point I'd have to write it on a post-it.

            The one I chose happens to be 22 characters. The trick is to choose a phrase that is meaningful to you but also not easily discovered thru social engineering.

            Doable, but definitely requires forethought.

          • 18 characters with varying case throughout? At that point I'd have to write it on a post-it.

            Not if you used a phrase such as "My name is Werner Brandes. My voice is my passport. Verify me." - A phrase isn't hard to remember.

    • by daeg ( 828071 )
      To this day I do not understand why computers outside of a massively secure data center are allowed to keep records of ANY private data. We don't let any of our staff maintain local copies of any data. Not even e-mail. If you stole a computer from any of our offices, you'd basically have an underpowered Dell desktop. You could easily log into the system, but aside from a few cache files and browsing history, you'd have nothing.

      Why is it so hard for banks and insurance companies to do the same?

      It's not like
      • Why is it so hard for banks and insurance companies to do the same?

        Because if you could do more than sit in meetings, drink coffee, and hire consultants to do everything else, you would not be caught dead working for a bank or insurance company.

        My largest client is an International Bank in SFO. I've gone through the BART tunnel with THOUSANDS of person's credit information on my ThinkPad, because the bank's IT folks didnt have the ability to grant me access to their internal SQL machines. I still shake

  • by dpbsmith ( 263124 ) on Monday March 12, 2007 @10:21AM (#18316899) Homepage
    it will transpire that ...Los Alamos National Laboratory misplaced a notebook full of top-secret data in which the encryption had never been turned on... ...a Microsoft executive lost a notebook full of plans for dirty ways to undermine Open Source, after sticking Post-It note to the screen to remind him of his wife's birthday, which he used as his password... ...all the scientific data from a major NASA mission costing $1.63 billion were stored on a contractor's laptop, who had encrypted all of it, chosen a good password, never wrote it down, and got hit by a bus without telling it to anyone... ...but NASA was able to recover the data by asking the FBI, which knew the backdoor and had been reading every NASA contractor's hard drive without a warrant.
    • Re: (Score:3, Insightful)

      That makes a good laugh, but in all seriousness, we will likely read headlines like this in the next 5 years or so:

      Financial fraud linked to stolen encrypted laptop
      In the largest online fraud incident in history, experts linked the Personally Identifiable Information (PII) used in committing the fraudulent acts back to a laptop that was stolen over a year ago. Company X denies the experts' allegations saying "the laptop's hard drive was encrypted." Under this premise, Company X refrained from notifyi
    • Wow data worth $1.63 billion stored on a single hard drive with no backups? and on a laptop? No wonder NASA hasn't left LEO since the 70s.
  • real question (Score:3, Insightful)

    by Lord Ender ( 156273 ) on Monday March 12, 2007 @10:25AM (#18316949) Homepage
    If I put one of these in a regular laptop--one which supports DriveLock, but nothing else--can this disk use the DriveLock password as the encryption key?

    If that were the case, it would be a simple matter to retrofit existing laptops (which use DriveLock to protect the disks) with the improved security of full-blown encryption. And it could be done without any perceptible changes to the user!

    This could be a great product if they just Keep It Simple so that it works seamlessly with the already widely-deployed ATA Security Mode (DriveLock) protocol.
    • would be a simple matter to retrofit existing laptops (which use DriveLock to protect the disks) with the improved security of full-blown encryption.

      And as an added bonus, since most Laptops can only use the same password for the hard drive as they do for the Laptop lock, you can start up an extremely profitable business selling the hardware adapter to download the EPROM from popular Laptops, and the software which seeks to the proper address in the ROM dump, and prints out the password.

      eg. http://www.ja.a [axxs.net]

  • It's called /dev/null

    Granted, getting data back is a bit, erm, difficult, but write only memory? That's pretty damn secure.

    (And anticipating witty responses... I will accept that /dev/null isn't technically a hard drive, but then I'd have no joke, so work with me here!)
  • by Junior Samples ( 550792 ) on Monday March 12, 2007 @10:31AM (#18317045)
    Seagate is an American Company. Is it possible for them to provide a secure product without providing a back door for Big Brother to access? Can they be trusted? I'm very skeptical.
    • Re: (Score:2, Funny)

      by stratjakt ( 596332 )
      You're right I'll wait until China produces one. There's a government I trust.
      • by J'raxis ( 248192 )

        I'd trust it -- if I were using it here in the US. (Why would the Chinese share their backdoors with our cops?)

    • Re: (Score:3, Funny)

      For the tinfoil community, simply create a circuit to short-cut the battery (or any other low-power incendiary device) in case of wrong password and use a Sony laptop to be able to claim bad luck when the FBI ask you to enter your PW.
    • by Nutria ( 679911 )
      Is it possible for them to provide a secure product

      Of course. Stop living in 1993. (http://en.wikipedia.org/wiki/Clipper_chip [wikipedia.org])

      without providing a back door for Big Brother to access?

      Depends on whether or not they want to sell into the Chinese market.

      • From the Wiki article:

        "Then-Senator John Ashcroft was a leading opponent of the Clipper chip proposal, arguing in favor of the individual's right to encrypt messages and export encryption software."

        Now there's an interesting little tidbit. I wouldn't have expected that from him. Unless wikipedia is wrong on that one.
    • by Cheesey ( 70139 )
      Your hard disk may already contain "back doors" in the form of hidden sectors and undocumented features for accessing them. These may already be being used for forensic recovery. Their purpose may not be sinister: they may exist simply so that damaged areas of the disk can be transparently remapped. But it's just another reason why you can never be sure that a piece of data has been deleted from your disk, unless you physically destroy it.

      I wonder where Richard M. Stallman gets his disks from? I don't know
      • by J'raxis ( 248192 )

        This is actually a good reason to not trust disk-level encryption -- if the data is going to the disk in the clear and you're relying on the disk to encrypt it, are you even sure it really got encrypted? It could be getting copied somewhere else on the disk, accidentally or intentionally, and you'd never know.

        But if your OS is doing full-disk encryption for you, so that no data ever even travels down the IDE cable before it's been encrypted, this particular worry can be put to rest. Let the disk make sixt

      • by kv9 ( 697238 )

        I wonder where Richard M. Stallman gets his disks from? I don't know of any HDD vendors that provide the source code for the drive firmware.
        from what I hear, he builds his own.
  • by BenEnglishAtHome ( 449670 ) * on Monday March 12, 2007 @10:36AM (#18317121)
    ...of the competitors in this market space. Several companies have been doing this for years with good track records. I think these links [slashdot.org] are still good.
  • Like Vista's BitLocker (which can do a similar thing in software), this is mainly to prevent the hard drive from being mounted on different hardware because the fact that the drive is actually encrypted is going to be transparent to the user. Any random idiot can still access the data on your laptop with one of these drives if you leave your password on a sticky note -- or use no login password at all.

    If you want to proect files on your laptop from being accessed by a logged-in user, you need to use somet

    • by SEMW ( 967629 )
      AFAIK, Bitlocker can operate in a mode where the encryption key is kept in a USB flash drive, so it won't boot unless that's plugged in (obviously it still needs a password as well). If you kept that around your neck or something, that could some way to solving that particular problem.

      What happens when the flash drive is lost / damaged / worn out may be a problem, though; I hope you can make a backup drive...
    • by Bishop ( 4500 )
      Full disk encryption and file encryption (PGP) defend against different attacks. You need both.
  • by mwilliamson ( 672411 ) on Monday March 12, 2007 @10:52AM (#18317353) Homepage Journal
    Slap one of these bad-boys into a video camera with only the ability to only write/encrypt and then you'll have a tool journalists can use without fear their content will be pilfered by a herd of unwieldly pigs. Only once the cam is back from the field would the data be accessable. This of course assumes the drive uses some sort of PKI, it may be symmetric only, in which case you'd have to add something to generate the symmetric keys from a PKI infrastructure. Performance should still be good with the added PKI module since the internal crypto would still be using the hardware accelerator with the derived symmetric keys.
    • by swb ( 14022 )
      Your PKI doesn't do shit when some third-world government thug runs a few dozen 7.62x39 rounds through your camera. They generally don't want to steal your video, they don't want anyone to SEE your video AT ALL, and AK rounds accomplish this nicely.

      • by third world i'm assuming you mean US, in particular any government force with a gun, either your local PD SWAT team or certain branches of our military government...
        • by swb ( 14022 )
          No, I mean any of your post-colonial shitholes with no constitutional protections of free speech, run by enlightened leaders with no history of censorship or thuggishness towards even their domestic press, like Sudan, Zimbabwe, hey, even Russia (how many dead journalists in the last year?) and China.

          Since the U.S. has a constitutional guarantee of free speech, a strong judiciary with no interest in prior restraint, as well as a vibrant free press, I don't think we qualify.
    • pilfered by a herd of unwieldly pigs.
      How does one wield a pig?

      Get back or I shall slay you with my +9 Pork Chop of Gluttony!
  • This is mainly marketing hype. The Seagate drives are now the worlds most secure because they are shipped in a 'Clamshell/Blister Pack'. I dare anyone without specialized tools to access it.
  • LaCie had a 500GB AES 128-bit hardware encryption fingerprint-biometric (with FireWire 800, FireWire 400, & USB 2.0) like, 6 months ago! Why is this news?

    http://www.lacie.com/us/products/product.htm?pid=1 0872 [lacie.com]
  • by Assassin bug ( 835070 ) on Monday March 12, 2007 @11:56AM (#18318151) Journal
    My highspeed, large-capacity Seagate drive wasn't secure from itself when it decided to critically fail 1 week after warrenty!
  • Hibernate (Score:3, Insightful)

    by Nom du Keyboard ( 633989 ) on Monday March 12, 2007 @12:21PM (#18318535)
    And how secure is it if you hibernate, rather than shut down, your system? Does all the crook have to do is keep it powered, or do you need to re-enter your password each time you raise the lid? If so, I suspect the password is going to be rather short, and easily guessable.

    The real problem is not designing effective security, but getting people to use it properly. You can start on this by banning PostIt notes from the corporate environment -- or at least make them self-destruct.

  • by joto ( 134244 )

    Here I hoped they would have created the most secure harddrive in the world, one who withstand earthquakes, floods, car collisions, and 50+ years of continuous use. And then it turns out that it's just a layer of crypto.

    How boring, we can do that in software already....

  • by malcomvetter ( 851474 ) on Monday March 12, 2007 @01:27PM (#18319843)
    The Top 10 Most Secure Hard Drives in Existence to date:

    1. The world's most secure hard drive is the one not used to contain valuable confidential data (experts question its existence).
    2. Doesn't exist.
    3. Doesn't exist.
    4. A hard drive that contains some valuable confidential data, but remains physically within a datacenter. The OS that accesses it does not share its data with other OSes, and runs the full gamut of controls (prevention, detection, correction).
    5. Doesn't exist.
    6. Doesn't exist.
    7. Doesn't exist.
    8. Doesn't exist.
    9. A hard drive that contains some valuable confidential data, remains physically within a datacenter, but its OS shares data among other systems whose trust is "unknown" or "uncertain".

    And tied for 10th place (by virtue of consolation):
    10. An encrypted drive in a mobile device relying upon its user for security.
    10. An unencrypted drive in a mobile device relying upon its user for security.

    If the "laws of physics" of information security were known, we'd likely see a Newtonian-esque law that says something like (in a more scientific form): "any security system that relies upon a person to use the system correctly will fail [miserably]". What Seagate is trying to do is analogous to defying gravity or creating "information security perpetual motion". It just won't improve the situation for anyone (except perhaps the "checklist security" people who can tell their compliance regulation auditors that they can add a point to their useless overall score).

  • In my experience, Seagate SCSI drives have a short MTBF. So there you have it, security because the data is lost and not even the rightful owner can access it. Hahaha.

    Ok seriously, I did not RTFA and don't plan to. My guess is it is all hype and probably not something easily feasible for the wide spread market at large.
    I am not saying I disagree with innovation or the concept in general, just that I doubt this will be a real mind blower of a product, especially in its initial implementation.

    Just my -$.02

Put your Nose to the Grindstone! -- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Working...