The promise and practice of UEFI for Full Disk Encryption

When I first heard about UEFI a few years ago I thought it was a great idea. It could make life easier in the long run for developers of full disk encryption to provide advanced authentication and maintenance features for their customers. With this in mind I joined WinMagic up to  Having implemented pre-boot authentication on Apple Macs, which used EFI, we were already familiar with UEFI’s predecessor.

Encryption Alphabet Soup

Learning a multiplicity of acronyms is pretty much a requirement for navigating any discipline. Every field has its own set of acronyms and the sequence of 3 or 4 letters that usually make up the acronym most likely has a completely different meaning from discipline to discipline. Even within a discipline it is common to see the acronyms muddled together.

How SEDs Really Work

I have been working with hardware and software encryption for well over a decade now and I have seen countless power point presentations on the advantages of hardware encryption over software encryption.  Transparency, performance and security are the big three.

The Need for Speed

Is software encryption on a notebook with a Solid State Drive (SSD) a non-starter due to performance concerns?

This is a good question and I have heard it asked by some pretty smart people recently.

Annual TCG Members Meeting: The Slow March of Progress

I attended the TCG (Trusted Computing Group) annual members meeting last week in beautiful Vancouver and thought I would share a couple of observations.

First of all, a little background – The TCG is an organization whose mandate is to set security standards for commercial use.  The scope ranges from small mobile devices to large disk drives used in the enterprise.  Key participants (about 100 in person this year) include: the PC OEMs (e.g. Lenovo, HP, Dell, etc.), OSVs (e.g. Microsoft), component manufacturers (e.g. disk drives, TPMs…), governments and ISVs.   That’s where WinMagic comes in.   We are an Independent Software Vendor and a member of the Storage Work Group (SWG).   The SWG is responsible for the “Opal” specification for self-encrypting hard drives (SEDs), as well as, the specification for the larger “enterprise” drives.