1 5 6 7 8 9 Previous Next 124 Replies Latest reply: Feb 26, 2013 10:56 AM by LS1 Go to original post RSS
      • 120. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
        michaelk

        Hi

         

        I've enabled the ATA Password on my PC and everything works fine.

         

        I now want to move the SSD to another PC and remove the FDE.

         

        What is the exact supported procedure to do that?

         

        Are the steps below correct?

         

        1. Reset the ATA password
        2. Dissconnect the drive
        3. Run secure erase on other PC
        4. reinstall/restore OS, apps and so on.

         

        Can I use an sata to usb adapter to perform step 3 above?

         

        I just want to dubble check before doing anything drastic

         

        Thanks in advance,

         

        Michael

        • 121. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
          phil_l

          Hi

           

          To move the drive to another PC remove the password in the original PC first.

           

          You don't have to do a secure erase unless you are giving the drive away, just delete the partitions and start again, in theory running the Intel Optimise function permanently destroys old data.  To do a secure erase requires you to hot plug the SSD into the computer after it has booted so that isn't locked to low level security commands.  To do this connect the power cable to the drive but disconnect the SATA cable, then reboot, once the system has booted connect the SATA drive cable.  I'm not sure if you can do this via USB.

           

          Regards

           

          Phil

          • 122. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
            jron

            Can someone from Intel please respond to Ryan's comment above:

            Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...

             

            If Ryan is correct and the 320 doesn't use KDF for the second AES key, the information provided by Intel is wrong. If the AES key is not encrypted by the ATA password than the 320's FDE implementation is broken and the hashing argument is irrelevant. A comment from Intel would be appreciated.

             

            Technical specifications for any device like this should be public and I encourage everyone to demand them. I've read every comment on this thread numerous times and only one conclusion can be drawn from it: Intel currently implements black box security in the 320 series SSD.

            • 123. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
              phil_l

              Hi

               

              The whole encryption thing with Intel SSDs seems to be more marketing than anything.  In their literature they fail to point out that for encryption to be any good, you need to set a password first, and not all systems will support that.  Intel don't seem to engage in any discussions regarding how we can secure our data using their SSDs.  It's an additional worry that the even adding a password might still mean we have weak security anyway.

               

              Currently I'm waiting for an Intel response on the fact some of their own brand new motherboards have broken support for setting the password, so at best you can't set one, at worse your PC might not boot up again!

               

              Here is hoping for some information.

               

              Regards

               

              Phil

              • 124. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
                LS1

                Anyone know if the 330 series also supports AES? I'm getting mixed information from Intel Tech Support. They claim only the 320 series and 520 support AES? This post also has a broken link that I can't use to confirm:

                 

                Re: SSD 330 & encryption

                • 125. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
                  Lauri

                  Hi,

                   

                  I have a HP Elitebook 8740W with an Intel series 520 SSD. Am I able to secure the drive with a password and what would be the best practice doing this?

                   

                  From my Fujitsu laptop (S751) w/ a similar SSD this is done in BIOS's security-options (Hard disk security, drive0 password etc..) but I cant find any similar option from the HP BIOS.

                   

                  Does the ATA security password have something to do with this?

                  • 126. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
                    LS1

                    setting a hard drive password for the drive itself is  setting an ATA  password for the drive.  your bios  must have this option And i thought your HP  model does but i think they call it something  else And theres  little documentation on how HP  implements it...

                     

                    setting  this will secure your drive since the 520  is self  encrypting... if you have your old laptop you can try putting the drive into it And set a hard disk password  then pop the drive into the HP  And see if you can boot after entering the drive password if it prompts  you...

                    1 5 6 7 8 9 Previous Next