X220 SSD Drive w/Full Disk Encryption (FDE), Intel 320 or others
Does anyone have experience or recommendations regarding installing an SSD with Full Disk Encryption for the X220?
Solved!
Go to Solution.
I have a 300GB Intel 320 which I installed it myself (cloned the factory install using Acronis). No mSATA drive.
Hope this helps!
I don't work for Lenovo. I'm a crazy volunteer!
Similar Messages
-
X220 with Samsung SSD 830: Success? Full Disk Encryption (FDE)?
1. Have any of you tried installing a Samsung SSD 830 Series drive in the X220, and if so can you recommend or dis-recommend?
2. Can anyone definitively verify whether or not the SSD 830 drives support full disk encryption? I see conflicting information about that on the internet...
Thank you.I have finally gotten an answer from Samsung regarding encryption. Sounds like hardware FDE is only supported on the OEM version, not on the consumer version:
My Question:
Does the SSD 830 (Notebook 256G version: MZ-7PC256N) support Full Disk Encryption (FDE) with a password through the BIOS? I read on the web that your enterprise version of this product does support FDE, but it's not clear whether or not that is also supported on the consumer version.
Their Response:
Dear Customer...The retail market 830 series SSD does not natively support FDE. Only OEM version of the unit have the encryption placed. Samsung recommends the use of programs to encrypt the data on the drive... Thank You for choosing Samsung. -
Winmagic Securedoc and New Macbook Pro for Full Disk Encryption (FDE)
Hi, I wonder if anyone had any experience with this. I've installed a seagate Momentus FDE drive (...421 series) on my new macbook pro and tried installing Winmagic securedoc to manage full disk encryption. It seems that despite all their recommendations re: hibernatemode and lidwake and sleep vs hibernation, the MBP crashes when I close the lid and then awaken it (by opening and pressing the power button). It cannot be awakened via an external keyboard either. Note that both hibernate and sleep work fine without securedoc. As securedoc appears to be the only viable FDE solution, I'd really like to get it working. Has anyone had any luck getting it to work with the new MBPs?
PGP is another alternative as I have used it for the past few years on all of my Macbook Pros. I also own SecureDoc but have not installed it on the new Macbook yet.
I do know that PGP disables hibernate during the install as it can cause problems. -
Hello Everyone,
I just received my new T61. So far, in general, everything is great!
However, there is one thing I am unsure of. I bought a T61 with the FDE capable harddrive but I am having trouble finding much useful documentation on how this feature works!
To encryt the hard drive contents do I simple need to go into the BIOS and set a hard drive password?
What about resetting the password? I read if you need to force a password reset, it erases the hard drive. Is this done through the BIOS?
I also read something about storing a backup of the encrption keys or password or something onto removable media. Where do you do this?
Is there a software package for Windows to configure the FDE?
ThanksI am too looking for more info on this. The FAQ does not completely answers the question. When the password is changed, does that change the encryption key (and thus wipes out data)? What is the relationship between the password and the encryption key?
Also, can the FDE disk password be synchronized with Windows/AD password? (in a way that user would log into Windows and that would pass that password also to the disk)
moderator note: please do not ask one question in multiple threads and therefore split discussions. -
T440 SSD Samsung mz7te256hmhp-000L7 disk encryption
Does anyone knoiw hou to confirm that that my lenovo t440 with a Samsung ssd PM851 (mz7te256hmhp-000L7) support hardware based full disk encryption.I cant find anything in the BIOS about disk encryption, only a disk password option.How can a i be sure that the encryption is supported and if setting the disk password in the BIOS in enough?
I have finally gotten an answer from Samsung regarding encryption. Sounds like hardware FDE is only supported on the OEM version, not on the consumer version:
My Question:
Does the SSD 830 (Notebook 256G version: MZ-7PC256N) support Full Disk Encryption (FDE) with a password through the BIOS? I read on the web that your enterprise version of this product does support FDE, but it's not clear whether or not that is also supported on the consumer version.
Their Response:
Dear Customer...The retail market 830 series SSD does not natively support FDE. Only OEM version of the unit have the encryption placed. Samsung recommends the use of programs to encrypt the data on the drive... Thank You for choosing Samsung. -
Does anyone have any advice regarding 256 bit full disk encryption software for Macs? The other discussions on the topic are years old, so I would like some current input. Thanks for your help in advance.
Depending on your Mac, you might not want to upgrade to OS X 10.7 or 10.8 as it will not run the PowerPC based software your currently using costing a bundle to replace it all, also they will slow down your machine if it's not a more recent issue. You don't want to upgrade OS X without AppleCare defending your possibly bricked logicboard that's for sure.
Filevault encrypts the boot drive, however in doing so makes it near impossible to fix if you have a software issue and need to recover files directly or by using specialty software. Also it robs the machine of performance even more than the Lions do. So you will really need a SSD to work best with 10.7/10.8 and Filevault, then it has to be freshly installed. Filevault needs 50% free space on the boot drive, then it's going to write to the slower 50% half of the hard drive where performance is terrible compared to the first 50%.
Also Filevault is cracked under certain conditions, and if someone gets their hands on the machine (like the law) and knows what they are doing.
If you take your Filevaulted machine to Apple to fix, they are going to require the password to fix the machine obviously.
Software based encryption is vulnerable, you might want to instead place your sensitive data on external self-encrypting hardware that doesn't rely upon software or computer hacks/bypasses (ike freezing the RAM) to get to it.
http://www.datalocker.com/products/datalocker-dl3.html
Iron Keys for portable USB self encryption, both work with any computer, so your not locked into one platform.
With the senstive data off the computer and on a external device, there is the option of removing, hiding and securing the device. If used with a computer that's never connected to the Internet, it's safe from snoopers, except from a survelliance van parked outside your door. -
Anyone using SecureDoc Full-Disk Encryption for Mac from WinMagic?
Currently I am using Mac OS X v10.5 on a MBP and want to upgrade to Snow Leopard. I use PGP full disk encryption.
I do not want to wait anymore for PGP v10 before I can upgrade to Snow Leopard. In my search for a replacement for PGP I found SecureDoc Full-Disk Encryption for Mac from WinMagic.
https://www.winmagic.com/products/full-disk-encryption-for-mac
They claim to be Snow Leopard compatible
https://www.winmagic.com/kw/download.php?url=/datasheets/securedocmac_brochure20090925a.pdf
I have two questions:
1) Does anyone have experience with SecureDoc Full-Disk Encryption for Mac from WinMagic?
2) Where can I buy one? PGP has a store where I ordered my copy of the software. But I can't find a store anywhere for SecureDoc. With some trouble I found a reseller in the Netherlands, but they don't reply to any questions.I am currently testing a trial license from Checkpoint Full Disk Encryption.
http://www.checkpoint.com/products/datasecurity/pc/index.html
The company where I work is a Checkpoint reseller, and normally only has dealings with other companies, not end users. But we arranged a trial license and I can buy a single user license Checkpoint Full Disk Encryption if the test proves Checkpoint Full Disk Encryption is a good solution.
I created a bootable usb disk with Snow Lepoard on it. But I was unable to install FDE on it. After reboot I only get a blank screen, that's it. Probably it isn't supported to boot from a full disk encrypted removable drive, I can understand that.
I can't create a virtual Snow Leopard machine (legal reasons) to test it on. And all FDE solutions I found aren't compatible with Mac Server, which is a shame because you can virtualize Mac Server legally.
So now I am planning to change the hard-disk of my MBP this evening with another hard-disk to test Checkpoint FDE there. I don't want to upgrade my current Leopard installation to Snow Leopard only to discover it doesn't work as expected. I could of-course use my current installation and when it doesn't work rollback to a timemachine backup, but before that I have to decrypt my disk and uninstall PGP witch will take 1-2 days, and encrypt again when the test is over. Not pratical.
I will let you know how the test with Checkpoint Full Disk Encryption went! -
T61 full disk encryption question
I have T61 laptop model 6464 4YU
Can I use full disk encryption if I upgrade my hard drive or I have to by a laptop model that support FDE.
There is a lack of information about FDE. I only found FAQ on Lenovo web site.
I have called Lenovo support, but rep. could give me a clear answer.
ThanksYour T61 supports FDE - see here, here, here, and here.
Don -
Full disk encryption for the Mac ?
I desperately require a security measure against data compromise in the event of a physical theft of one of my Macs.
Is there some full disk encryption solution, similar to the TrueCrypt solution for Windows, that can work with a Mac? (TrueCrypt works on Mac but not its feature of full disk encryption)
Any other ideas on reinforcing security in such physical theft incidents?
Thanks!Visited http://www.macintouch.com/
PGP Corporation is now shipping PGP Desktop 9.9 for Mac OS X, a major update of the encryption software. Highlights of this release include full support for pre-boot authentication, full support for external drives (including the sharing of Whole Disk Encrypted thumb drives between Mac and Windows clients), use of the FIPS 140-2 validated PGP SDK for cryptographic operations,
http://www.pgp.com/ -
Full DIsk Encryption and Windows 8
I have my full disk encryption policy assigned to a windows 8 laptop. When I look under device assignments on the server it shows the laptop, but when I look ion the laptop it says no policy enforced. So it is not encrypting the hard drive.
wtaylor72,
It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.
Has your problem been resolved? If not, you might try one of the following options:
- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)
Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.novell.com/faq.php
If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.
Good luck!
Your Novell Product Support Forums Team
http://forums.novell.com/ -
Power failure during full disk encryption
I enabled the full disk encryption and during the encryption process I had a power failure. Now my mac boots up, asks me for my login and password and then hangs in the apple logo and runs the processor and fans at full power.
I am assuming that it may be finishing the encryption but I have left it on for several hours and it just stays in the same screen. I am running a 2008 Macbook Pro with a 2.8 dual core processor, 6MB ram and 750GB HD.
Does anyone know if it will eventually come back to life or should I be looking into rebuilding the drive?
Thank you,
-MattFor MisterFlo and others interested I'll elaborate a bit more, it was late when I posted..
The Equium A300 was a Vista SP1 WinRE setup which requires the latest huge WAIK download you've mentioned (which supports Vista SP1 and Server 2008) plus also a Vista SP1 DVD or source files to create the ERD.
For the original Vista RE setups you will need the older WAIK (which is a paltry 800Mb) and likely the previous 2007 Optimization Park for the pre SP1 ERD plus of course a Vista source.
One final tip - don't boot off the HDD to try the repair until all the files are substituted and the permissions for the files you've replaced are fixed and the BCD else it's almost certain you'll get a 0xc000000f error - "the boot selection failed because a required device is inaccessible" -
Cisco Agent Desktop / Supervisor Desktop Issue with Full Disk Encryption
Has anyone had any issues related to running Cisco Agent Desktop or Cisco Supervisor Desktop on a machine running full disk encryption? Our desktop team installed full disk encryption software from Check Point, and it seams to be causing some issues with call monitoring, screen pops via workflow and connectivity to the UCCX server. It's not effecting every machine (that we know of), but the fix for us right now is to provide a desktop without the encryption software. I'm just wondering if this is related to us, or if there is any supporting documentation out there?
Any help is apprecicated.CAD for IPCCX v4 does not support windows 7. See compatibility matrix:
http://www.cisco.com/en/US/docs/voice_ip_comm/cust_contact/contact_center/crs/express_compatibility/matrix/crscomtx.pdf
In my experience if you already have CAD installed and you upgrade the OS (without a fresh rebuild) CAD will work - but it is NOT supported. You should test this though.
You will not be able to install the older version of CAD on windows 7, the installer will give you errors.
Brian
please rate helpful posts -
Request To Blackberry: Full-Disk Encryption
The current encryption option for the SD card encrypts ONLY the data contents, and NOT the full structure of the filesystem.
As it stands right now pulling an encrypted SD card from the Z-10 and inserting it into a Windows machine divulges the entire filesystem structure with names and modification dates intact. The data itself is encrypted and the file size padded out to the next 4k size, which appears to be the block size of the encrpytion system.
While this prevents Windows from considering the card "unformatted" and thus randomly offering to destroy it with a single click (which it would otherwise do) the file names, mod times and sizes confer quite a bit of information to a hostile party who comes into possession of the device and its memory card.
Having the choice of that not being the case (as is true for full-disk encryption on FreeBSD and other systems such as TrueCrypt) would be nice, even though it does some with a greater risk of accidental destruction should you insert the card into some other device by accident.
Market Information? Come read The Market Ticker!wtaylor72,
It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.
Has your problem been resolved? If not, you might try one of the following options:
- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)
Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.novell.com/faq.php
If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.
Good luck!
Your Novell Product Support Forums Team
http://forums.novell.com/ -
Currently I own a Macbook Pro and an iMac, both running Leopard. In particular for my MacBook Pro, I am desperately looking for a full disk encryption product. I know there is FileVault. But it will only encrypt the home directory. All other products will not encrypt the boot partition, so its pretty pointless for a laptop. Another problem is that Time Machine will not work well on FileVault directories.
I looked everywhere, but no luck so far. Given the popularity of Mac laptops, its kind of odd that there is not more around. Soon I won't be able to use my Macbook Pro on the road anymore as our corporate policy is going to require full disk encryption of all laptops soonI think that you're out of luck at the moment, heres an article that might give some hope for the future.
http://www.news.com/8301-10784_3-9869812-7.html -
Can host hacker break into guest that uses full disk encryption?
I know it is unlikely but let us say host has got owned, ie a hacker has managed to break into the host.
How would they go about breaking into a linux VM that uses full disk encryption?
They can't mess with the .vmdk without damaging it - it is encrypted by the guest.
They can't use vmrun because they do not know the guest passwords.
They can't attach to processes in the guest with debugging tools because they cannot see individual guest processes.
What can they do? And crucially, what can I do as a countermeasure?What really matters is WHERE you do the encryption. If the encryption is too low, data in the guest appears unencrypted. If it is in the guest, then the keys live in the guest and since SGX is not around at the moment, keys are somewhere in guest memory even for a little bit of time.
So the real question is what are you trying to achieve?
If you are trying to meet encryption at rest requirements then it makes no difference where you encrypt as the data on the disk will be encrypted and without the key no one can decrypt it. Now if you have keys generated within a VM without using DRNGD or some other high quatlity randomness source, then your keys could be predictable and you need to guard against making it easy for a brute force attack.
If you need to encrypt data in motion?
Then you need to consider how the VM is protected itself, how an application interacts with data to determine during 'motion' if someone should not be accessing the data even though they are already supposedly allowed to do so. Keys are in memory, so therefore you need to guard memory access for those keys to only the application in question. This is the hard part, and requires you to think seriously about logging, key management, etc.
So really what are you trying to achieve?
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009-2015
Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast
Maybe you are looking for
-
I deleted the contents of my profile. Now i get the firefox is already running error. i realize that i screwed up. i have restarted, uninstalled, reinstalled, but still firefox will not load.
-
Hello I am new to the forum but have read online that the forum can be helpful for getting problems resolved. I have BT Infinity broadband installed about 5 months ago. Initially it was working fine and the speed was great. For the last two months
-
Securing pdf document with digital signatures
I have a pdf document that has digital signatures. We need to secure it so no one who has input their digital signature can go back in later, delete their signature and then 're-sign' it. But I get an error message telling me I can't secure the docum
-
Problem using portlet's fork render with simplify url servlet
Hi, I'm creating a portal with bea weblogic portal and for simplify the urls I'm using the example of edocs to do this. http://edocs.bea.com/wlp/docs81/url/simplify.html Everything works fine until i need to use the portlet fork render functionality
-
Discoverer Plus - DECODE of last 10 transactions or last 10 days of my data
Dear All Anyone can help me of the below reqeust (DECODE Syntax) I need to create a report to get a specific number of transaction or days. Eample 1: Last 10 transaction (Base column will be transaction key number) Eample 2: Last 10 days (Base column