Results 1 to 14 of 14

Thread: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,073 times in 719 posts

    News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    The 7mm thick MQ01ABUxxxBW 2.5-inch HDD series fits in standard notebooks.
    Read more.

  2. #2
    Asleep
    Join Date
    Jan 2009
    Posts
    344
    Thanks
    27
    Thanked
    38 times in 34 posts
    • Repressor's system
      • Motherboard:
      • Asus M4A89GTD PRO
      • CPU:
      • AMD Phenom II X6 1090T
      • Memory:
      • 12GB Corsair
      • Storage:
      • 500GB Samsung HD502HJ
      • Graphics card(s):
      • ATI HD5850
      • PSU:
      • 620W Seasonic
      • Case:
      • Antec 300
      • Operating System:
      • Windows 7
      • Monitor(s):
      • Dell U2311H X3

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    So, is buying a drive which has encryption standards endorsed by the US government a good thing or a bad thing?

  3. #3
    Senior Member
    Join Date
    Dec 2013
    Posts
    3,526
    Thanks
    504
    Thanked
    468 times in 326 posts

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    Maybe i am missing the point but isn't the idea of encrypting data to prevent unwanted people reading said data, so wouldn't a drive that self-encrypts allow anyone to just plug it in and decrypt it ?

  4. #4
    Admin (Ret'd)
    Join Date
    Jul 2003
    Posts
    18,481
    Thanks
    1,016
    Thanked
    3,208 times in 2,281 posts

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    Quote Originally Posted by Corky34 View Post
    Maybe i am missing the point but isn't the idea of encrypting data to prevent unwanted people reading said data, so wouldn't a drive that self-encrypts allow anyone to just plug it in and decrypt it ?
    No, because if an unauthorised system attempts to access data, the drive self-wipes.

  5. #5
    Admin (Ret'd)
    Join Date
    Jul 2003
    Posts
    18,481
    Thanks
    1,016
    Thanked
    3,208 times in 2,281 posts

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    Quote Originally Posted by Repressor View Post
    So, is buying a drive which has encryption standards endorsed by the US government a good thing or a bad thing?
    Good question. I guess, in part at least, it comes down to who you trust and who you don't, and the extent to which you consider data to be exposed to different risks.

    For instance, do I feel particularly at risk from getting lifted by the CIA, and having the NSA access my laptop data, using a built-in backdoor .... if such a back-door exists?

    Or am I more worried about criminals using data on a stolen laptop for accessing my bank accounrs, or ID theft?

    Well, personally, neither, to be honest. I don't do online banking, don't have data useful for ID theft on my laptop, and can't imagine why the CIA would conceivably be interested. A few years ago for security vetting due to family, maybe, but not now.

    So, I'm not really bothered about the risk of data loss to crooks or the US government getting at my laptop, but if I were, I'd be far more concerned about crooks than spies. Personally.

  6. #6
    Senior Member
    Join Date
    Oct 2006
    Location
    Florida
    Posts
    864
    Thanks
    8
    Thanked
    38 times in 30 posts
    • rob4001's system
      • Motherboard:
      • Gigabyte z97
      • CPU:
      • Xeon 1231 v3
      • Memory:
      • 16GB
      • Storage:
      • Samsung 840 256GB SSD
      • Graphics card(s):
      • Zotac GTX 1660 super
      • PSU:
      • Sliverstone 500w SFX-L
      • Case:
      • Silverstone SG13 mitx
      • Operating System:
      • windows 10 64 bit
      • Monitor(s):
      • Asus 27" 1440p
      • Internet:
      • Comcast 75MB

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    Quote Originally Posted by Saracen View Post
    Well, personally, neither, to be honest. I don't do online banking,
    It is convenient besides all your data gets sold on the back market from some guy in a call centre working for the bank.

  7. #7
    Senior Member
    Join Date
    Dec 2013
    Posts
    3,526
    Thanks
    504
    Thanked
    468 times in 326 posts

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    Quote Originally Posted by Saracen View Post
    No, because if an unauthorised system attempts to access data, the drive self-wipes.
    Ahh i thought i was making a fool of my self but if you don't ask you never learn anything, although I'm still confused as to what or how you authorise a system.
    I mean if someone stole a laptop with such a drive in it how does the drive know. (am i having a blonde day)

  8. #8
    Senior Member
    Join Date
    Sep 2013
    Location
    Europe
    Posts
    596
    Thanks
    42
    Thanked
    13 times in 13 posts
    • DemonHighwayman's system
      • Motherboard:
      • MSI Z97I Gaming
      • CPU:
      • Intel i7 4790K
      • Memory:
      • 16Gb 2.4Ghz Kingston Beast
      • Storage:
      • 256 Gb Samsung 850 Pro (Main), 4TB Toshiba X300 (games), 2TB External TV/Films HDD
      • Graphics card(s):
      • KFA2 RTX 2070 EXOC
      • PSU:
      • Coolermaster Real Power M700
      • Case:
      • Thermaltake Level 20 VT
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Asus PB278Q
      • Internet:
      • Yes most of the time

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    "it has been validated to U.S. Federal Information Processing Standard 140-2 (FIPS 140-2)"
    Gee that's reassuring!

    American Security standards mean nothing these days now that Snowden has enlightened the world to the U.S's treachery. In fact no western security standards mean much now, I would sincerely trust Russian security standards far more than any western ones.

  9. #9
    Senior Member watercooled's Avatar
    Join Date
    Jan 2009
    Posts
    11,478
    Thanks
    1,541
    Thanked
    1,029 times in 872 posts

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    Quote Originally Posted by Corky34 View Post
    Ahh i thought i was making a fool of my self but if you don't ask you never learn anything, although I'm still confused as to what or how you authorise a system.
    I mean if someone stole a laptop with such a drive in it how does the drive know. (am i having a blonde day)
    You'll be prompted by the BIOS for a password to 'unlock' the drive every time you boot.

  10. #10
    Ninja Noxvayl's Avatar
    Join Date
    May 2007
    Location
    In the shadows
    Posts
    2,451
    Thanks
    748
    Thanked
    215 times in 173 posts
    • Noxvayl's system
      • Motherboard:
      • GigabyteZ87X-UD4H-CF
      • CPU:
      • Intel i7 4770K
      • Memory:
      • 16GB Corsair Vengaence LPX + 8GB Kingston HyperX Beast
      • Storage:
      • 120GB Snadisk + 256GB Crucial SSDs
      • Graphics card(s):
      • 4GB Sapphire R9 380
      • PSU:
      • ENermax Platimax 750W
      • Case:
      • Fractal Design Define S
      • Operating System:
      • Windows 10 64bit
      • Monitor(s):
      • ATMT + Dell 1024x1280
      • Internet:
      • Sky Fibre

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    Quote Originally Posted by DemonHighwayman View Post
    "it has been validated to U.S. Federal Information Processing Standard 140-2 (FIPS 140-2)"
    Gee that's reassuring!

    American Security standards mean nothing these days now that Snowden has enlightened the world to the U.S's treachery. In fact no western security standards mean much now, I would sincerely trust Russian security standards far more than any western ones.
    The only people able to circumvent the encryption standards recommended by the NSA is the NSA because of some very clever Maths. To simplify what they have done is to say they have a key that allows them to break the random number generator that does the encrypting which is impossible to break without. Well not impossible, just needs the worlds fastest supercomputer and years of time which is highly unlikely.

    More detailed description of the treachery here: https://www.youtube.com/watch?v=ulg_AHBOIQU

  11. #11
    Admin (Ret'd)
    Join Date
    Jul 2003
    Posts
    18,481
    Thanks
    1,016
    Thanked
    3,208 times in 2,281 posts

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    Quote Originally Posted by Corky34 View Post
    Ahh i thought i was making a fool of my self but if you don't ask you never learn anything, although I'm still confused as to what or how you authorise a system.
    I mean if someone stole a laptop with such a drive in it how does the drive know. (am i having a blonde day)
    PBA. Pre-Boot Authentication.

    Essentially, a small application often stored in Master Boot Record (MBR) shadow, that runs PRIOR to the boot process attempting an operating system load. So, you power up and get asked for a passcode. No valid passcode = no boot. And, as no boot, no ability to corrupt or infect the OS.

    And, because of self-encrypting drives, ALL data on the drive is stored encrypted, and the user cannot disable it, accidentally or otherwise. Nor, for that matter, can IT.

    And furthermore, the encryption keys are in firmware on the drive controller, mso you can't use traditional 'cold boot' attacks to try to recover keys from RAM, as with software-based encryption, because they're not in RAM in the first place.

    So, you cannot access the machine without access keys, cannot bypass the OS, cannot cold-boot attack the keys, and cannot remove the drive from the machine and put it in a different machine. Or rather, you can, but if you do, the drive self-wipes automatically.

    It's worth bearing in mind that NOTHING is 100% guaranteed secure, but this is a pretty good step in that direction.

  12. Received thanks from:

    Corky34 (26-03-2014)

  13. #12
    Senior Member watercooled's Avatar
    Join Date
    Jan 2009
    Posts
    11,478
    Thanks
    1,541
    Thanked
    1,029 times in 872 posts

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    Quote Originally Posted by Noxvayl View Post
    The only people able to circumvent the encryption standards recommended by the NSA is the NSA because of some very clever Maths. To simplify what they have done is to say they have a key that allows them to break the random number generator that does the encrypting which is impossible to break without. Well not impossible, just needs the worlds fastest supercomputer and years of time which is highly unlikely.

    More detailed description of the treachery here: https://www.youtube.com/watch?v=ulg_AHBOIQU
    The RNG they compromised was part of a standard that had very little use. To be clear this is something that was designed by them, and suspicions were raised even before the Snowden leaks about a number chosen for the algorithm (normally you'd expect some common constant like Pi or root2 to be used as a 'nothing up my sleeve number'). Hence, it wasn't trusted anyway.

    They did not and have not, to public knowledge, compromised or broken any encryption algorithms for example. AES (Rijndael) was not created by the NSA, it was just chosen as a standard from a public process based on security, speed of implementation in software/hardware, etc.

    Yes, what they did was bad, but it's easy to take it out of context and think the situation is a lot worse than it actually is. I certainly don't see how the US doing something untrustworthy would make Russian standards somehow more trustworthy!

  14. #13
    Registered+
    Join Date
    Mar 2010
    Posts
    91
    Thanks
    0
    Thanked
    5 times in 1 post

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    1. Would you have to enter a password to unlock the HDD before it loads Windows?
    2. How would you move it to a new laptop/pc without loosing data? or connect to another PC to retrieve data say if the OS/Machine failed?

  15. #14
    Senior Member watercooled's Avatar
    Join Date
    Jan 2009
    Posts
    11,478
    Thanks
    1,541
    Thanked
    1,029 times in 872 posts

    Re: News - Toshiba's self-encrypting HDD uses US FIPS 140-2 security

    1) Yes - no data on the HDD can be accessed without inputting a password.

    2) It depends on whether a TPM is used. If not, it's just a case of unlocking the drive on another PC, either through pre-boot authentication or with HDD utilities. However if a TPM is used along with a passphrase, the data is essentially useless without that TPM, which is why backups are good practice, as always.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •