Hardware Encryption on 3GS

Similar Messages

• Can anyone recommend a portable USB 3.0 drive with hardware encryption, compatible with OSX and Windows 7.  I need it for my MacBook Pro 13", 2012, running Mountain Lion

  Can anyone recommend a portable USB 3.0 drive with hardware encryption, compatible with OSX Mountain Lion and Windows 7.  I need it for my MacBook Pro 13”, 2012, running Mountain Lion & Windows 7 Ultimate - BootCamp.  I’ve heard that the Buffalo MiniStation Encryption does not work with OSX, is that true..?  I'd like it to work with both operating systems, using the built in hardware encryption.  Thanks

  This article may help: A flashing question mark appears when you start your Mac.

• The Advantages of Hardware Encryption

  If you're looking for instructions on how to use the Hardware Encryption feature of Crucial SED's, Brad_TheCru has posted a video and a written a guide to using BitLocker with Crucial SED
  An SSD that has encryption built into the hardware is more commonly referred to as a Self-Encrypting Drive or SED. This means the encryption is done by the controller on the drive, supported by a set of instructions in the firmware. There are several advantages to using hardware encryption rather than software encryption on SSDs.
  The first advantage is that the encryption feature is optimized with the rest of the drive. If a user applies software encryption to a storage drive this adds several extra steps to the process of writing to the drive, since the data needs to be encrypted by the encryption software while it is being written. That same data then needs to be decrypted by the software again when the user wants to access it, which slows down the read process. In other words, adding a layer of software encryption negatively impacts the performance of an SSD.  The hardware encryption of an SED is integrated into the controller, which means there is no impact on SSD performance either in the short term or in the long run. The read and write speeds are already taking encryption into account, since it already happens on every write cycle and decryption happens on every read cycle. The encryption is simply a part of the drive’s normal operation.
  This in turn has several advantages. To begin with, since the encryption is a part of the drive’s controller it provides pre-boot data protection. Running a software utility to try and break authentication codes is not a possibility since the encryption is active before any software has started to load. Another advantage of an encryption feature that is active at all times is that this makes it possible for the drive to meet the compliance requirements of government standards for data in banking, finance, medical, and government applications, by adhering to TCG Opal 2.0 specifications and IEEE-1667 access authentication protocols. Crucial SEDs also support the standard full disk encryption protocol through the ATA-8 security command feature set.
  Lastly, since the encryption takes place on the SED and nowhere else, the encryption keys are stored in the controller itself and never leave the drive.
  All a user needs to take advantage of an SED’s encryption ability is a software utility that provides encryption key management for SED devices. Crucial SEDs are fully compliant with Microsoft’s eDrive standard, which provides simple plug-and-play data security through the use of Windows 8 BitLocker. Since Windows 8 BitLocker doesn’t need to encrypt the drive before it can be used (that has already been done by the SSD’s controller) there is no delay or wait for encryption to take place. Once Windows 8 BitLocker is enabled the SED is instantly ready to use. All you have to do is let the Self-Encrypting Drive operate just the way it has all along, and enjoy the peace of mind and high performance of a hardware-based encryption drive.
  Looking for more information on Crucial SSDs?  Learn more here!
  Looking for Customer Service? Contact Crucial Support for your region.

  There won't be any compatible processes left over from the previous installation (unless you put them back later). The same is true if you prepare your existing installation before upgrading it.
  Make a backup first, whatever you choose to do.

• System Requirements for Hardware Encryption on Crucial SEDs

   
  The majority of current Crucial SSDs are Self-Encrypting Drives (SEDs) which means all data is always encrypted by the controller when written to the NAND and decrypted when read. Windows 8 BitLocker can work with this built-in hardware encryption ability when you apply a password in Windows, provided the following requirements are met:
  •    BitLocker only supports TPM version 1.2 and 2.0 (or newer). In addition, you must use a Microsoft-provided TPM driver (Please note, BitLocker can also work without a TPM, but it will need a USB flash drive to set the password instead)
  •    The system needs to support UEFI 2.3.1
  •    Make sure UEFI boot is enabled and you have a UEFI enabled Windows 8 installed
  •    The computer must boot natively from UEFI.
  •    The boot order must be set to start first from the SSD (not the USB or CD drives)
  •    Dynamic discs are not supported by BitLocker
  •    The SSD must have two partitions (drives with Windows installed generally do anyway) and the main partition to be encrypted must be NTFS
  •    Ensure ATA Security features, for example Secure Boot, are disabled in the BIOS. The M500 supports either ATA Security or TCG Opal (which is needed for SED) but not both.
  •    The system needs to support Opal 2.0 The Opal 2.0 standard is not backwards compatible; Crucial SEDs are not compatible with Opal 1.0
  •    The computer must have the Compatibility Support Module (CSM) disabled in UEFI.
  Looking for more information on Crucial SSDs?  Learn more here!
  Looking for Customer Service? Contact Crucial Support for your region.

  i'm very glad to read, from the article you referenced, that there's no performance hit.  but that's only 1 of 2½ issues.  i have some follow-up questions.  perhaps we should take this to a forum instead of the knowledge base?
  -what about prior issue #2 (securely wiping the drive)?  is this easily and instantly doable?  we'll ignore #3 (relying on microsoft gets ½ a point). 
  -with the encryption keys stored on the controller, doesn't using third-party encryption software mean the keys themselves aren't encrypted by a user pw, making it that much easier for someone with physical access to the drive to extract them from the firmware?
  -if the controller is doing the encryption, why bother with bitlocker?  is it so slightly-more-savvy-than-average joe can easily enable it, or so you don't have to write it into the firmware?  (i'm being serious, not snarky--i'm a software developer myself.)  personally, i'm dual-booting win7* and ubuntu 14, which means i need 2 separate encryption methods instead of just supplying my credentials at boot to decrypt the hd and then choosing which os to load.
  -also, if i upgrade the windows os, ms requires the os volume to be decrypted first.  this would obviously not be the case if windows was unaware that it was encrypted.
  *last, what about those poor silly saps who are running win7 (or earlier)?  i just read that win7 bitlocker doesn't support self-encrypting drives--it was an update as of win8.  we're just out of luck?  i realize you can't support everything, but win7 is still a ms-supported os, and it seems like a better service to (more of) your customers to enable full-disk encryption all the time.
  thank you!

• T440s - implementing hardware encryption on the OPAL compliant HDD

  I just recently received my new T440s which I ordered with Windows 7 Professional and a 500GB HDD w/OPAL.  I choose the OPAL drive so that I could implement encryption at the hardware level.  I can't find information on how to implement/activate encryption on this drive in the User Manual.  
  1)  Does anyone know how to do so and where the instructions are located?
  2)  My other question is regarding the 16GB M.2 Solid State Drive and the M.2 slots that comes with "most" T440s.  I didn't noticed till after I had placed my order that when I chose the OPAL compliant drive, this 16GB M.2 SSD disappeared from my configuration. Also least on my configuration there was no "third" M.2 card slot included.
  If I run a new T440s configuration today on the Lenovo website and choose the OPAL compliant drive, the 16GB M.2 SSD disappears but the "3rd M.2 SSD Slot" remains in the configuration.
  My question is can I install a 16GB M.2 SSD in my laptop at all?  or does having a hardware encrypted drive (which I don't know is even encrypting at this point) prevent me from using this cache?  configuring a new T440s today seems to include at least the third M.2 slot so it sounds like one should be able to install an SSD there.
  thanks
  archie
  Solved!
  Go to Solution.

  The 512GB option in current ThinkPads is not OPAL.
  ATA-Security without encryption means that you must provide the password to the SSD's controller before the controller itself will provide access to the NAND chips (although the data on the NAND chips is not encrypted).  In theory it is possible to replace the password-locked controller with an unlocked controller and then get access to the data that way.  But I think it would take an NSA lab (or similar) to do this type of hardware hacking.
  Another option is to just use software encryption like BitLocker.  On an SSD system, it is very fast and you won't notice a performance decrease in any real-world usage.

• What is the difference between Hardware Encryption & On-Board Encryption & Device Encryption

  Hi
  Can anyone explain me, What is the difference between Hardware Encryption & On-Board Encryption & Device Encryption.
  Thanks

  http://images.apple.com/iphone/business/docs/iOS_Security_Oct12.pdf

• About Hardware encryption AES 256 bit crucial mx100

  My question works it automatically or works the hardware encryption windows only ?
  because not sure is it safe enough and also about speed.
  sorry for my terrible English. You can answer in German and English thanks.
  Meine Frage ist ... ob die Hardware Verschlüsselung automatisch vom Controller crucial mx100 gesteuert wird oder funktioniert es nur unter Windows ?
  es muss ich filevault benutzen um die Daten zu schützen ?

  Hardware encryption is a feature of SSD's. It is transparent to the user and you don't have to do anything to enable it. The data on the SSD is encrypted with a random key. When you erase the device, the key is destroyed. You can't use hardware encryption to protect your data from theft. For that, use FileVault.

• I forgot my macbook hardware encryption

  how to crack hardware encryption for macbook?

  Mac OS 9000 wrote:
  If you mean firmware, you can't...
  When you lock the firmware, it says that you cannot crack it if you forget it.
  Rubbish: -  http://support.apple.com/kb/TS3554
  "Only Apple retail stores or Apple Authorized Service Providers can  unlock a MacBook Air (Late 2010), MacBook Pro (Early 2011), or iMac (Mid 2011) computer protected by a firmware password."
  Now what model do you have ahmetkadirbulan?

• SL500 - Enabling Hardware Encryption for Tape Drives

  I have a SL500 with seven HP StorageWorks LTO-4 Ultrium 1840 tape drives. These tape drives have hardware encryption capabilities and several ways to configure the encryption settings.
  In the white papers for the HP LTO-4 encryption technology (http://h71028.www7.hp.com/ERC/downloads/4AA1-4878ENW.pdf), all possible ways to manage the encryption settings are listed. One possibility, native mode encryption, is mentioned: "This method controls the LTO4 encryption from within the tape drive library. There is one key that is set by way of the library management interface (Web GUO or Operator Control Panel). This method encrypts all tapes with the same key, with the downside of negatively impacting the security level."
  Does the SL500 provide any to do this?

  We just got an SL500. When the Sun engineer was onsite, he mentioned an encryption capability. The way he explained it, there is an optional chip that needs to be purchased, as well as an encryption server. Once this is in place, encryption is easily done. If you were to have the same setup at a DR site, the encryption server would auto search for the encryption key whenever the tape is read. Seems to be a good system, but I have no experience with as we do not have that policy....yet
  HTH

• HD/SSD with hardware encryption

  Dear everyone!
  I have a MacBook Pro 13" late 2009. I work on a corporate environment and security is top priority. I would like to know options and recommendations for SSD or Hard Disks with HARDWARE ENCRYPTION that will work with this notebook. I don't want to put extra work on the CPU for encryption.
  I assume that doing this will allow me to still backup my notebook at home with Time Machine. By the way, how can I encrypt my backup?
  Thanks everyone in advance,
  Luis.

  The only ones I know of are the Samsung units - rumored to go consumer mid to late 2009.
  http://www.xbitlabs.com/news/storage/display/20090417223457Samsung_Ships_Solid_State_Drives_with_FullEncryption.html
  http://www.computerworld.com/s/article/9131684/Fulldisk_encryption_comes_to_SSDs_for_mobile_deviceslaptops
  In terms of encrypting your backup drive you can use something like PGP. It's software based of course.

• Hardware Encryption Modules

  Hi,
  I am planning to install a Gigabit point-to-point connection over Cisco 7206VXR_NPE-G2 and VSA to achieve IPSec 3DES encryption over the full service bandwidth.
  According to product release notes for VSA the supported throughput is 950 MB for IPSec 3DES.
  I want to understand whether the remaining 50Mb gets off-loaded to IOS based encryption (parent processor) or will the VSA be able to sustain the additional 50Mb as well?
  In case the overload (above 950) gets off-loaded to main processor (NPEG2 processor) then what is the limit upto which the main processor can support IPSec encryption?
  Reason I ask: I intend to configure the solution in future to deliver 2Gb towards WAN and corrospondingly I will add one PA-GE to deliver 2Gb towards LAN.
  So, the existing VSA will support 950 and I want to understand how will it be possible to support remaining IPSec encryption and how scalable the solution can be?
  Thanks in advance,
  - PJ

  The hardware encryption module will normally offload router cpu processing. The VPN Service Adapter's 950Mbps 3DES encryption throughput means more or less it will throttle down the normal cleartext speed to 50Mbps or less, but will not drop the queue packets. This is due to the encrypt/decrypt of 3DES process which basically takes longer time compared to DES.
  Throughput:
  DES/3DES/AES
  - 950/960 Mbps for 1400 byte packets
  - 920 Mbps for 300-byte packets
  http://www.cisco.com/en/US/products/hw/routers/ps341/products_data_sheet0900aecd8047192f.html
  http://www.cisco.com/en/US/products/hw/routers/ps341/products_qanda_item0900aecd80471935.shtml
  HTH
  AK

• 3750x to 3750x hardware encryption

  Hello,
  I have a WAN link running at 10GB thru the Fiber Module on my 3750X.
  Each datacenter has 1 3750x switch stack, with 10GB WAN link between the 2 datacenters.
  I want to encrypt the WAN connection, but I want to use Hardware Encryption.
  Is this possible, and what module do I need to purchase?
  Thanks...

  http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3750-x-series-switches/product_bulletin_c25-688868.html
  See the SKU at the bottom of the page.

• Hardware encryption not compliant

  My company uses MaaS360 for MDM purposes.  I have a customer who updated his Nokia Lumia 625 to Windows Phone 8.10.  As a result of update, MaaS360 is indicating that compliancy is not met with either Device Passcode or Hardware encryption.  Any
  additional add-ons needed or what is general recommendation?

  Is it possible MaaS360 is not aware of Windows Phone 8.1? 8.1 continues to support device encryption and PINs of course.

• Recover my encrypted iPhone 3GS backup

  Hi,
  After 12 months of resisting the urge to update my iPhone iOS I finally relented last night. Prior to the update I did a backup, installed the iOS update and then went to restore from backup. It was then that I found out my backups have been getting encrypted since that one time wayback when I checked that "encrypt backup" button. Well... I have no idea what the password is but really need to get the data back as it's got my daughter's birth, first swim, etc on then (not to mention a plethora of phone numbers).
  Anyway, I have tried looking in keychain, old passwords, variations to old passwords and anything else that I could think of to no avail. Basically I need to crack the encryption.
  Any help would be greatly appreciated.
  My first idea was to use an applescript to populate the password field in itunes, click ok, click retry and try another. Any help with the actual code for this would be good. I can figure out the loops for generating the various passwords but have no idea how to put them into the text field and select the ok button.
  Regards,
  Chris.
  PS. If you're worried I'm up to no good and am actually trying to hack someone elses phone, then I'm not trying to convince you otherwise. I thought about this and realistically, short of handing my backup over to someone else to unencrypt for me (ain't gonna happen), there is no way that I could easily prove it beyond a doubt. Anyway, if you have moral scruples about helping me then please don't tell me it can be done unless you're gonna tell me how or direct me to where I can find out how, my first post here wound up at a dead end. I just want my iPhone back to how it was yesterday.

  Maybe this is what you are looking for:
  iPhone Backup Extractor

• Can I use a Self Encrypted ( hardware ) hard drive in my mid 2009 Mac?

  I want to use a self encrypted (hardware encryption) hard drive in my mid 2009 13" MacBook Pro. Has anyone ever gotten this to work, or is it listed as "possible" by Apple somewhere? Thanks.

  look here:
  https://discussions.apple.com/message/22835243#22835243
  As far as a list of compatible OPAL drives is concerned:
  https://discussions.apple.com/message/22835243#22835243
  or look for:
  "SecureDoc Supported Self Encrypting Drives" - WinMagic
  http://www.winmagic.com/login?return=aW5kZXgucGhwP29wdGlvbj1jb21fcGhvY2Fkb3dubG9 hZCZ2aWV3PWNhdGVnb3J5JmlkPTIwOmRhdGFzaGVldHMmSXRlbWlkPTMxMA==