digg

Facebook Connect Join Digg About

Native Encryption Comes to Solid State Disks, Dell Laptops

computerworld.com Samsung announced the first line of consumer solid state laptop and drives for handhelds that encrypt all data written to them.

Who dugg this? Made popular Apr 17, 2009

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

41 Comments

show profanity settings
expand all
  • UtahApocalyse, on 04/17/2009, -0/+31native = backdoor included for law enforcement.
  • fangor, on 04/17/2009, -1/+11If it does not involve open source software AND hardware, I will not buy it.
  • HappyScrappy, on 04/17/2009, -0/+8Law enforcement cannot compel you to give up your password.

    http://www.washingtonpost.com/wp-dyn/content/artic ...

    And they cannot hold you for more than 48 hours without charging you.
  • Tenoq, on 04/17/2009, -1/+9Patriot Act.

    Your rights: revoked.
  • solarwind24, on 04/17/2009, -0/+4If you use TrueCrypt, you can setup a "fake" password that you can give if you're ever forced to reveal your password. By giving the fake password, your data wont be revealed.
  • UberNick, on 04/17/2009, -0/+4Any steps towards automated encryption is a big boon to privacy and security. I've been holding my breath for some large email system to incorporate automated and seamless 2-key system (you hear me, gmail!). And for IM clients like Pidgin to come with it built-in (kudos to Adium), without having to install a plugin like OTR.

    So you're bringing up an interesting point of key extortion which is a potential issue but certainly doesn't devalue encryption as a whole! First, as Scrappy points out, no one can legally compel you to cough up a password. Second, there's always the "I forgot" defense. Third, if you're still really concerned about this, there's other systems you can use to give plausible deniability, like undetectable hidden volumes. TrueCrypt allows for this, though it'd be cool to see on a hardware level as well.
  • UberNick, on 04/17/2009, -0/+4Yes, just like browsing your bank account site with https. The performance hit is minimized and manageable, escpecially considering the benefits. Besides, the next generation of technology will always make up for the speed difference anyway.
  • catvllvs, on 04/17/2009, -0/+3except... there is the rest of the world.

    In Australia it is an offence not to give up your password for anything when requested by the authorities.
  • davzie, on 04/17/2009, -0/+3THe Phantom Menace was a pretty ***** film
  • jannefoo, on 04/17/2009, -0/+3Sorry, but even NSA can't break the laws of physics.
  • HappyScrappy, on 04/17/2009, -1/+4All SSDs will be encryped soon. Turns out data whitening is necessary to increase reliability of NAND devices. And encryption is a simple way to do whitening that you can market as an advantage too.
  • UberNick, on 04/17/2009, -0/+3What's with the spiel on TPM? For one, I don't see what Linux has to do with it. But if TPM were used, it would cause issues of unrecoverable data in the event of hardware swaps, no? Same deal if you wanted to move the drive to another laptop.

    I'm picturing some kind of PSK model that requires users to set some kind of key on first use. I can imagine giving the option of a user password, USB-stored keyfile, or even a biometrically-defined key.

    Though there's doesn't seem to be any details on how the encryption is implemented, so we're just speculating.
  • AReallyGoodName, on 04/17/2009, -0/+2Are you sure about that?
    Flash needs wear leveling but that has nothing to do with entropy. If anything i'd suspect low entropy (read unencrypted) data would be better for the NAND gates. A block of NAND gates doesn't have to go through an erase cycle if the data they are writing is the same as the data already there.

    With encryption the slightest change to a file would change every block that file is stored in (the result of encryption is entirely different with so much as a single bit flipped). Without encryption only the block that file is stored in would be affected.
  • microview2007, on 04/17/2009, -0/+2Yes, it's called TrueCrypt and it's free.
  • microview2007, on 04/17/2009, -0/+2Well depends on the *****, if it's gooey and tar like, then it can take awhile to get it through the output port but if it's more runny like water then ***** flows much quicker.
  • HappyScrappy, on 04/17/2009, -0/+2You can't change the key very easily because it would require re-encrypting the entire drive.

    I don't know how this drive does it, but the ATA standard makes it possible so that a portion of the disk can be unencrypted. You boot from this part, then software runs that lets you enter a password and transmits it to the drive. The drive checks it and if you entered it right, the entire drive is unlocked until it is relocked or it is powered down.
  • solarwind24, on 04/17/2009, -0/+2Probably not as there will be a hardware encryption unit.
  • AReallyGoodName, on 04/17/2009, -0/+2Nah. It states they use AES. Looking at wikipedia even the weakest AES (AES-128) is ~2^64 times more complex than any known brute force attack.

    2^64 is a rather large number.
  • AReallyGoodName, on 04/17/2009, -0/+2It doesn't store the key on the drive - the key is generated via a password when you need to access data. It simply contains an encryption chip on the drive.

    If you've used someting like TrueCrypt software encryption you'd know it slows down your PC quite a lot. Encryption isn't easy and a dedicated encryption processor can do it far faster than software.
  • lateralus, on 04/17/2009, -1/+3This is great on many levels. Behold:

    Understandably Lazy Technerd: Sorry <insert family/friend>, I can't help you recover your data before I reinstall XP....your disk is one of those encrypted SSD's.
  • HappyScrappy, on 04/17/2009, -0/+2Yes, I'm sure. The NAND vendors are already giving out this info to clients and controller makers. NAND does not work like NOR, you can't erase it selectively, you have to erase 128KB or 256KB at a time. And even if all the data in the block were to match (perhaps all zeroes), the tag data (which is erased at the same time) doesn't match. So you end up erasing every time.

    Your next paragraph doesn't make sense in the context of NAND since NAND is a block device, it doesn't know where files begin and end. The encryption done to whiten data is reset (the cipher block chain is broken) at the start of each block, changes within a block do not affect the next block.

    You could probably skip data whitening for SLC NAND, which some SSDs use, but in reality, there's no advantage to skipping the whitening, and again, the idea of an encrypted disk is marketable, so they likely will bring whitening to all SSDs, even those that use SLC.
  • motters, on 04/18/2009, -0/+1The trouble with hardware encryption is how do you know that it doesn't contain a backdoor? If it does the encryption is effectively worthless.

    Anyone remember this? http://en.wikipedia.org/wiki/Clipper_chip
  • UberNick, on 04/17/2009, -1/+2That's de-facto done by limiting key size. With acres of computers at their disposal, government organizations like the NSA can brute-force most keys with ease.
  • HappyScrappy, on 04/17/2009, -1/+2It's enforced by the drive. The disk really is encrypted. TPM is a joke.
  • nosecohn, on 04/17/2009, -1/+2Will full drive encryption ever come to the Mac? I keep waiting.
  • inactive, on 04/17/2009, -3/+4Worthless. If law enforcement wants to see your HD and you don't give up the password, you sit in a jail cell until you cooperate.
  • HappyScrappy, on 04/17/2009, -0/+1No, you can't. Not for your own prosecution. It has been ruled that being required to supply the password means you confirm you have it, which is self-incrimination. So by the fifth amendment, you do not have to give it.

    I posted the link like 3 times in this thread. Check my profile.
  • fangor, on 04/17/2009, -0/+1And how, prey tell, would you limit key size, if the software you use to encrypt your data is open source, and freely editable by you?
  • WiseGuy1020, on 04/17/2009, -0/+1@ GoodName

    the keyword was "known."

    The NSA is probably the most secret intelligence agency in the U.S.

    If they had the capability to break any specific encryption do you think they would make that public?

    The NSA had computers that could perform petaflops in the mid '90s. Remember these guys make their own chips and superconductors.
  • matt.rubin, on 04/17/2009, -0/+1Does it hurt SSD performance to decrypt *****?
  • inactive, on 04/17/2009, -0/+1How does this work exactly?
    They are just hard drives.. so even if the data is encrypted on the disk anyone who reads from it will have it decrypted for them right?

    Can you change the keys every so often so it really stays protected?
    But that really brings the question of does this even matter? You have way more control on the software end.
  • carlosos, on 04/17/2009, -0/+1I guess you don't use any encryption at all since your CPU isn't open source. (at least I'm guessing that you use VIA, AMD or Intel)
  • inactive, on 04/17/2009, -0/+1Yes, you can. if you are withholding information or physical property that can lead to a conviction or just illegal activity, you can be held in contempt indefinitely until you give in. Got illegal files on a locked harddrive and they think you know the keys? You will sit in prison until you talk.

    See:
    http://online.wsj.com/article/SB123137263059962659 ...

    http://query.nytimes.com/gst/fullpage.html?res=9D0 ...
  • matt.rubin, on 04/17/2009, -0/+1I am saying it cause SSDs look like the future and I want to know if encrypting a drive will increase load times for games like Bioshock etc.

    I know bitlocker does.
  • HappyScrappy, on 04/17/2009, -1/+1You cannot be forced to give up your password. You cannot be held for not giving it up.
  • KiraDnote, on 04/17/2009, -3/+3This scheme should work perfectly in those cases where a corporate executive is carrying a laptop with sensitive client data and somebody breaks into his car and steals it while he's eating lunch.

    If you have a problem with law enforcement wanting to see what's on your computer I couldn't care less.
  • WiseGuy1020, on 04/24/2009, -0/+0@janefoo

    Not seeing how breaking the laws of physics has anything to do with it.

    Are you saying that there is no way the NSA possesses computers that are more advanced than anything publicly available?

    James Bamford. Google that and read some of his books. The NSA had computers that could run petaflops in the mid-'90s, that was not publicly achieved until 2008.

    You have no idea what the NSA can or cannot do.

    Besides if they wanted to but could not crack your pass (or if it would cost too much or take too long) they have other ways to get it. ***** they actually formed another "agency" to do just that.

    http://en.wikipedia.org/wiki/United_States_Special ...
  • rexykik, on 04/17/2009, -0/+0Also, unless you're a terrorist, NSA probably isn't wasting their time to decrypt your porn.
  • mctom987, on 04/17/2009, -2/+1Enforced by what?
    I hope it's the TPM, otherwise the encryption really means nothing, as any "read" would make the SSD decrypt it.
    Also, if it is TPM, it may not work in Linux.
  • inactive, on 04/17/2009, -2/+1Sounds decent, you also can't expect to change keys without also decrypting and re-encrypting the whole drive.
    Now I know half of digg and pedobear are worried about backdoors - just encrypt the data before hand also and they cant do *****. Do it five times if you want it doesnt matter. But yes you will sit in jail if they think you know the password and dont give it up. You can spend your whole life in jail without a trial for this reason. (But you can also get out any time you want if you do what they say...)
  • CYCLEORDIE, on 04/17/2009, -6/+1BURRIED

    THIS STORY IS RACIST

    NATIVE PRIDE

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.