Software vs Hardware hard drive encryption

R

roaf85

2[H]4U
Joined
Jan 8, 2005
Messages
2,766
I just noticed this at newegg today.

http://www.maxtorsolutions.com/en/catalog/BlackArmor/

Basically is there any difference between hardware vs software hard drive encryption. The drive seems painfully slow, but at the same time I hear that hardware has the benefit because the pass key is not stored in memory.

Just getting some inputs. Might save up to buy one of these. I am using TrueCrypt on a flash drive now.
 
Looks interesting; though I'll wait for security experts to tear it apart before I buy one. Even then, software solutions like TrueCrypt are pretty flexible since you can use it for just about any device. I'd also consider software solutions plenty secure for most users provided they're aware of potential security issues (like the recently documented cold boot attack).
 
SockMan! said:
Looks interesting; though I'll wait for security experts to tear it apart before I buy one. Even then, software solutions like TrueCrypt are pretty flexible since you can use it for just about any device. I'd also consider software solutions plenty secure for most users provided they're aware of potential security issues (like the recently documented cold boot attack).
Click to expand...

I agree with you however I think if you want to encrypt something you should go balls to the wall. I think that software encryption could be safe for most users but you are backing up that information in case someone steals it.

So if someone steals the information and there is a way around software based encryption then I think it is useless. Just my thoughts.
 
roaf85 said:
I agree with you however I think if you want to encrypt something you should go balls to the wall. I think that software encryption could be safe for most users but you are backing up that information in case someone steals it.
Click to expand...

A potential problem with this hardware device is that we don't know how well it works to secure the data. For all we know the keys could be stored in plaintext on a flash module. I doubt they'd design it this poorly, but at least with open source software solution like TrueCrypt you have a lot of eyes looking for holes. Manufacturers of proprietary security hardware probably don't want any publicly available documentation of their security vulnerabilities either.

Besides, either way isn't secure if you ignore other security threats. If you want "balls to the wall" security, then you'll have bigger threats and decisions to deal with than software vs hardware (such as making sure your passwords and network are secured). Crackers aren't going to sit around and brute force your encrypted drives; it's far easier to steal the keys.
 
SockMan! said:
Looks interesting; though I'll wait for security experts to tear it apart before I buy one. Even then, software solutions like TrueCrypt are pretty flexible since you can use it for just about any device. I'd also consider software solutions plenty secure for most users provided they're aware of potential security issues (like the recently documented cold boot attack).
Click to expand...

This isn't even an issue in the real world. When a system is stolen or seized in a password protected state the first thing that anyone is going to do is boot their security disk of choice (eg backtrack) and either swap or crack the necessary sam files to gain access to Windows. By the time the attacker realizes that the drive is protected by something like TrueCrypt the keys they need are already long gone. Short of pissing off the NSA, your data is pretty much untouchable provided you used a reasonably complex password that doesn't happen to be the same as that of a less secure system.
 
If you used truecrypt and made the entire hard disk encrypted and that you had to use a USB flash drive in combination to using a password then your stolen data will remain safe. In my opinion.
 
You must log in or register to reply here.
Back
Top