I've enabled the ATA Password on my PC and everything works fine.
I now want to move the SSD to another PC and remove the FDE.
What is the exact supported procedure to do that?
Are the steps below correct?
1. Reset the ATA password
2. Dissconnect the drive
3. Run secure erase on other PC
4. reinstall/restore OS, apps and so on.
Can I use an sata to usb adapter to perform step 3 above?
I just want to dubble check before doing anything drastic
Thanks in advance,
To move the drive to another PC remove the password in the original PC first.
You don't have to do a secure erase unless you are giving the drive away, just delete the partitions and start again, in theory running the Intel Optimise function permanently destroys old data. To do a secure erase requires you to hot plug the SSD into the computer after it has booted so that isn't locked to low level security commands. To do this connect the power cable to the drive but disconnect the SATA cable, then reboot, once the system has booted connect the SATA drive cable. I'm not sure if you can do this via USB.
Can someone from Intel please respond to Ryan's comment above:
If Ryan is correct and the 320 doesn't use KDF for the second AES key, the information provided by Intel is wrong. If the AES key is not encrypted by the ATA password than the 320's FDE implementation is broken and the hashing argument is irrelevant. A comment from Intel would be appreciated.
Technical specifications for any device like this should be public and I encourage everyone to demand them. I've read every comment on this thread numerous times and only one conclusion can be drawn from it: Intel currently implements black box security in the 320 series SSD.
The whole encryption thing with Intel SSDs seems to be more marketing than anything. In their literature they fail to point out that for encryption to be any good, you need to set a password first, and not all systems will support that. Intel don't seem to engage in any discussions regarding how we can secure our data using their SSDs. It's an additional worry that the even adding a password might still mean we have weak security anyway.
Currently I'm waiting for an Intel response on the fact some of their own brand new motherboards have broken support for setting the password, so at best you can't set one, at worse your PC might not boot up again!
Here is hoping for some information.
Anyone know if the 330 series also supports AES? I'm getting mixed information from Intel Tech Support. They claim only the 320 series and 520 support AES? This post also has a broken link that I can't use to confirm:
I have a HP Elitebook 8740W with an Intel series 520 SSD. Am I able to secure the drive with a password and what would be the best practice doing this?
From my Fujitsu laptop (S751) w/ a similar SSD this is done in BIOS's security-options (Hard disk security, drive0 password etc..) but I cant find any similar option from the HP BIOS.
Does the ATA security password have something to do with this?
setting a hard drive password for the drive itself is setting an ATA password for the drive. your bios must have this option And i thought your HP model does but i think they call it something else And theres little documentation on how HP implements it...
setting this will secure your drive since the 520 is self encrypting... if you have your old laptop you can try putting the drive into it And set a hard disk password then pop the drive into the HP And see if you can boot after entering the drive password if it prompts you...