'Trusted Storage' Spec Will Encrypt Hard Drives - from ExtremeTech

Discussion in 'Computer Security' started by ~David~, Feb 14, 2006.

  1. ~David~

    ~David~ Guest

    ~David~, Feb 14, 2006
    #1
    1. Advertising

  2. ~David~

    nemo_outis Guest

    ~David~ <> wrote in news:%LbIf.28617$Jd.9036
    @newssvr25.news.prodigy.net:

    > http://www.extremete




    The "trusted storage" is trusted, not by the owner/user of the computer,
    but by those who supply hardware, software and services for it. It makes
    the computer owner no more than a serf working the overlord's land.

    It is a giant deception that has been roundly denounced by many, including
    many computer luminaries, as the whole sham has morphed through a half-
    dozen or so names, trying to shake the stigma of each last one as the
    stinging denunciations ring out.

    Regards,
     
    nemo_outis, Feb 14, 2006
    #2
    1. Advertising

  3. ~David~

    Guest

    ~David~ <> wrote in
    news:%LbIf.28617$:

    > http://www.extremetech.com/article2/0,1558,1926410,00.asp?kc
    > =ETRSS02129TX1K0000532
    >
    > A interesting article popped up on ExtremeTech today about
    > encrypted drives. Although this is already possible and has
    > been done for years, I guess with trusted computing and
    > Vista support, it's (trying?) to go mainstream.
    >
    > ~David~


    A.k.a. `treacherous computing'

    Sample readings:
    http://www.gnu.org/philosophy/can-you-trust.html
    http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

    J
    --
    Replies to: Nherr1professor2doktor31109(at)Oyahoo(dot)Tcom
     
    , Feb 14, 2006
    #3
  4. ~David~

    ~David~ Guest

    I agree this is not something "we" (normal users, non-government people) can
    trust and in reality it will probably create another layer of stuff for
    sys-admins trying to recover data from a drive...

    What I wonder about is something the article said: it was my understanding the
    article said the keys will be stored on a hidden partition on the drive. If so,
    that's useless, because "hidden" partitions are not really hidden and it would
    be relatively easy for the attacker to access the partition and keys.

    It seems that on the whole the best thing out there is either TrueCrypt or
    loop-aes. Funny how no ones promoting those as solutions to data privacy; what
    would be the commercial interest in promoting something that's free, and what
    would be the governments interest in promoting something that's probably hard
    even for them to break into. Instead we get a "trusted" computing model, where
    the only people who can trust it are the companies that build (and profit from)
    it and the government.

    Enough ranting all,
    ~David~

    ~David~ wrote:
    > http://www.extremetech.com/article2/0,1558,1926410,00.asp?kc=ETRSS02129TX1K0000532
    >
    > A interesting article popped up on ExtremeTech today about encrypted drives.
    > Although this is already possible and has been done for years, I guess with
    > trusted computing and Vista support, it's (trying?) to go mainstream.
    >
    > ~David~
     
    ~David~, Feb 14, 2006
    #4
  5. ~David~

    TwistyCreek Guest

    Re: 'Trusted Storage' Spec Will Encrypt Hard Drives - fromExtremeTech

    ~David~ wrote:

    > I agree this is not something "we" (normal users, non-government people)
    > can trust and in reality it will probably create another layer of stuff
    > for sys-admins trying to recover data from a drive...
    >
    > What I wonder about is something the article said: it was my understanding
    > the article said the keys will be stored on a hidden partition on the
    > drive. If so,
    > that's useless, because "hidden" partitions are not really hidden and it
    > would
    > be relatively easy for the attacker to access the partition and keys.


    Not to address the precise subject at hand, but just as general
    information, this scheme isn't necessarily as insecure as you might think
    at first glance.

    There's a good number of encryption schemes that use an encryption key
    that's encrypted to a pass phrase, and the encrypted "session key" is
    included in the ciphered text. The data itself is protected by a strong
    encryption key, which is in turn protected by a (hopefully) strong "key"
    or "phrase" itself.

    Whether or not this is even what we're talking about here I haven't a
    clue. I just wanted to point out the possibility that it may be secure
    enough of implemented properly. :)
     
    TwistyCreek, Feb 14, 2006
    #5
  6. ~David~

    ~David~ Guest

    Re: 'Trusted Storage' Spec Will Encrypt Hard Drives - fromExtremeTech

    TwistyCreek wrote:
    > ~David~ wrote:
    >
    >> I agree this is not something "we" (normal users, non-government people)
    >> can trust and in reality it will probably create another layer of stuff
    >> for sys-admins trying to recover data from a drive...
    >>
    >> What I wonder about is something the article said: it was my understanding
    >> the article said the keys will be stored on a hidden partition on the
    >> drive. If so,
    >> that's useless, because "hidden" partitions are not really hidden and it
    >> would
    >> be relatively easy for the attacker to access the partition and keys.

    >
    > Not to address the precise subject at hand, but just as general
    > information, this scheme isn't necessarily as insecure as you might think
    > at first glance.
    >
    > There's a good number of encryption schemes that use an encryption key
    > that's encrypted to a pass phrase, and the encrypted "session key" is
    > included in the ciphered text. The data itself is protected by a strong
    > encryption key, which is in turn protected by a (hopefully) strong "key"
    > or "phrase" itself.
    >
    > Whether or not this is even what we're talking about here I haven't a
    > clue. I just wanted to point out the possibility that it may be secure
    > enough of implemented properly. :)
    >
    >

    I have no doubt that the trusted computing model will be secure, the question
    will be from what perspective. If this model is used to prevent people from
    copying songs (say by having the hardware recognize a DRM song, and encrypting
    it, so if it's copied to another computer it can't be read) rather then
    something that would benefit the user like encrypting data so miscreants can't
    access it, then it's not a good use of the model. And for things like
    encrypting data, there are already many good secure solutions out there.
     
    ~David~, Feb 15, 2006
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. GAH
    Replies:
    5
    Views:
    581
    Joe B.
    Jan 19, 2004
  2. R.Daneel Olivaw

    Encrypt An External USB Hard Disk

    R.Daneel Olivaw, Sep 3, 2006, in forum: Computer Support
    Replies:
    4
    Views:
    513
    R.Daneel Olivaw
    Sep 4, 2006
  3. Replies:
    2
    Views:
    770
  4. Nicolaas Hawkins

    Re: Hard Disk Sentinel can't be trusted

    Nicolaas Hawkins, Jun 18, 2008, in forum: NZ Computing
    Replies:
    2
    Views:
    371
    Nicolaas Hawkins
    Jun 18, 2008
  5. Ian
    Replies:
    0
    Views:
    1,255
Loading...

Share This Page