Hacker News new | past | comments | ask | show | jobs | submit login

I don't see how the built-in encryption is useful to anyone. It's not auditable: how do you know if your data actually gets encrypted?

That is not something I'd trust.




Hmm. I think ability to do the following would be nice: boot from Linux LiveCD, copy (dd) whole disk to another ssd/hdd (with no hardware encryption), plug in the second one into Windows 8 system, check the settings (AES/256), enter BitLocker password (or/and insert USB flash with keyfile etc.), get your data.


Presumably it either does or doesn't work. I can't imagine you could configure it wrong. Presumably somebody will probably put it to the test.

So, once somebody tests it out, you can be pretty confident it is working.

Hardly a good only line of defense for extremely sensitive data, but a nice addition to a long chain of defense for moderately sensitive data without a big performance penalty.


Are there no low-level commands to access the stored cyphertext?


AFAIK no. If the drive hasn't been unlocked with the proper keys it just refuses any reads/writes.


If that so, how could you boot from such drive?


You have to enter the hard drive password when you boot.

On my ThinkPads, I set the power-on password and the hard drive passwords all the same. Then I enter the power-on password and it feeds that password to all the hard drives too. (I have three SSDs in my W520.)




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: