oROEchimaru
Supreme [H]ardness
- Joined
- Jun 1, 2004
- Messages
- 4,662
issue: 3rd party solutions for encryption in the enterprise often want "their encryption" on the drive. If the drive already has encryption it may try to re-encrypt with the 3rd party solution that could damage the drive (or androind, iphone that is encrypted already).
various vendor solutions: trust the pid/vid ids of the device. However this whitelists all devices with that pid/vid, even those that do not have encryption. For instance a western digital external drive may have encryption. The user could format it, remove encryption and now has a trusted device that no longer requires encryption.
What I would like to review is.... there a command line or way for a program to detect that the device has 128 or 256 encryption already > therefore trust it due to having encryption not from vid/pid.
Then I could pass it on to developers. Thanks!
various vendor solutions: trust the pid/vid ids of the device. However this whitelists all devices with that pid/vid, even those that do not have encryption. For instance a western digital external drive may have encryption. The user could format it, remove encryption and now has a trusted device that no longer requires encryption.
What I would like to review is.... there a command line or way for a program to detect that the device has 128 or 256 encryption already > therefore trust it due to having encryption not from vid/pid.
Then I could pass it on to developers. Thanks!