'Trusted Storage' Spec Will Encrypt Hard Drives - from ExtremeTech

http://www.extremetech.com/article2/...129TX1K0000532

A interesting article popped up on ExtremeTech today about encrypted drives.
Although this is already possible and has been done for years, I guess with
trusted computing and Vista support, it's (trying?) to go mainstream.

~David~

~David~

~David~ <> wrote in news:%LbIf.28617$Jd.9036
@newssvr25.news.prodigy.net:

> http://www.extremete



The "trusted storage" is trusted, not by the owner/user of the computer,
but by those who supply hardware, software and services for it. It makes
the computer owner no more than a serf working the overlord's land.

It is a giant deception that has been roundly denounced by many, including
many computer luminaries, as the whole sham has morphed through a half-
dozen or so names, trying to shake the stigma of each last one as the
stinging denunciations ring out.

Regards,

nemo_outis

~David~ <> wrote in
news:%LbIf.28617$ t:

> http://www.extremetech.com/article2/...6410,00.asp?kc
> =ETRSS02129TX1K0000532
>
> A interesting article popped up on ExtremeTech today about
> encrypted drives. Although this is already possible and has
> been done for years, I guess with trusted computing and
> Vista support, it's (trying?) to go mainstream.
>
> ~David~

A.k.a. `treacherous computing'

Sample readings:
http://www.gnu.org/philosophy/can-you-trust.html
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

J
--
Replies to: Nherr1professor2doktor31109(at)Oyahoo(dot)Tcom

me@tadyatam.invalid

I agree this is not something "we" (normal users, non-government people) can
trust and in reality it will probably create another layer of stuff for
sys-admins trying to recover data from a drive...

What I wonder about is something the article said: it was my understanding the
article said the keys will be stored on a hidden partition on the drive. If so,
that's useless, because "hidden" partitions are not really hidden and it would
be relatively easy for the attacker to access the partition and keys.

It seems that on the whole the best thing out there is either TrueCrypt or
loop-aes. Funny how no ones promoting those as solutions to data privacy; what
would be the commercial interest in promoting something that's free, and what
would be the governments interest in promoting something that's probably hard
even for them to break into. Instead we get a "trusted" computing model, where
the only people who can trust it are the companies that build (and profit from)
it and the government.

Enough ranting all,
~David~

~David~ wrote:
> http://www.extremetech.com/article2/...129TX1K0000532
>
> A interesting article popped up on ExtremeTech today about encrypted drives.
> Although this is already possible and has been done for years, I guess with
> trusted computing and Vista support, it's (trying?) to go mainstream.
>
> ~David~

~David~

~David~ wrote:

> I agree this is not something "we" (normal users, non-government people)
> can trust and in reality it will probably create another layer of stuff
> for sys-admins trying to recover data from a drive...
>
> What I wonder about is something the article said: it was my understanding
> the article said the keys will be stored on a hidden partition on the
> drive. If so,
> that's useless, because "hidden" partitions are not really hidden and it
> would
> be relatively easy for the attacker to access the partition and keys.

Not to address the precise subject at hand, but just as general
information, this scheme isn't necessarily as insecure as you might think
at first glance.

There's a good number of encryption schemes that use an encryption key
that's encrypted to a pass phrase, and the encrypted "session key" is
included in the ciphered text. The data itself is protected by a strong
encryption key, which is in turn protected by a (hopefully) strong "key"
or "phrase" itself.

Whether or not this is even what we're talking about here I haven't a
clue. I just wanted to point out the possibility that it may be secure
enough of implemented properly.

TwistyCreek

TwistyCreek wrote:
> ~David~ wrote:
>
>> I agree this is not something "we" (normal users, non-government people)
>> can trust and in reality it will probably create another layer of stuff
>> for sys-admins trying to recover data from a drive...
>>
>> What I wonder about is something the article said: it was my understanding
>> the article said the keys will be stored on a hidden partition on the
>> drive. If so,
>> that's useless, because "hidden" partitions are not really hidden and it
>> would
>> be relatively easy for the attacker to access the partition and keys.
>
> Not to address the precise subject at hand, but just as general
> information, this scheme isn't necessarily as insecure as you might think
> at first glance.
>
> There's a good number of encryption schemes that use an encryption key
> that's encrypted to a pass phrase, and the encrypted "session key" is
> included in the ciphered text. The data itself is protected by a strong
> encryption key, which is in turn protected by a (hopefully) strong "key"
> or "phrase" itself.
>
> Whether or not this is even what we're talking about here I haven't a
> clue. I just wanted to point out the possibility that it may be secure
> enough of implemented properly.
>
>
I have no doubt that the trusted computing model will be secure, the question
will be from what perspective. If this model is used to prevent people from
copying songs (say by having the hardware recognize a DRM song, and encrypting
it, so if it's copied to another computer it can't be read) rather then
something that would benefit the user like encrypting data so miscreants can't
access it, then it's not a good use of the model. And for things like
encrypting data, there are already many good secure solutions out there.

~David~