Here is a very interesting article from SearchSecurity.com: Link
As I mentioned in a previous posting, I have been sitting on the sidelines while watching the evolving disk encryption market. True, I do believe that hardware base solutions will end-up beating out software based solutions. However, I haven't been sure when this transition would occur or how fast. In 2007, we saw some major expansions in the market with both Seagate and Hitachi jumping into the mix with their own HFDE drives. However, it has been hard to gauge what the adoption rate has been with these drives in supplanting current SFDE solutions.
In other words, 2007 was an interesting year, but not a defining year. For 2008, I sense that we will see an expansion in the number of different solutions that are available (I.E. more drives, devices, and management solutions). After all, the options are very limited right now, making the options to manage these solutions are even more limited. With this in mind, 2009 may be the year of a major market switch. By that year, the number of HFDE solutions should become more universal in conjunction with their associated management offerings.
With all this in mind... What do the SFDE vendors think about the end of their party? Well, in the article that I just referenced, I think there is a statement that clearly states what the direction will be:
"In five years, we probably won't sell encryption software, said Malte Pollman, Utimaco vice president of products, but key and other management services for Intel, Seagate and any other hardware encryption companies."
With more than ten years of experience in IT, Tyson Kopczynski has become a specialist in Active Directory, Information Assurance, Windows automation, PKI, and IT security practices. Tyson is also the founding author of the Windows PowerShell Unleashed series and has been a contributing author for such books as Microsoft Internet Security and Acceleration (ISA) Server 2006 Unleashed and Microsoft Windows Server 2008 Unleashed. He has also written many detailed technical papers and guides covering various technologies. As a consultant at Convergent Computing, Tyson works with and provides feedback for next generation Microsoft technologies since their inception and has also played a key role in expanding the automation and security practices at CCO. Tyson also holds such certifications as the Certified Information Systems Security Professional (CISSP), the SANS Security Essentials Certification (GSEC) and SANS Certified Incident Handler (GCIH), and the MCTS (Application Platform, Active Directory, and Network Infrastructure).
Certifications:
Publications:
Other Stuff:
The Leader in Network Knowledge
Cold reboot attacks
This is especially interesting given the recent press on cold reboot attacks
Thanks Alex
Oddly enough, I was going to blog about this. But, I got lazy… In theory an HFDE solution wouldn’t be subject to this exact attack. However, using this same method, you might be able to attack the solution via other means. I’d have to spend some time thinking about this to come up with some good theories and such, hence the lazy part.
- T