Re: List of Full Disc Encryption products

["Saqib Ali" <docbook.xml () gmail com>]

> I don't believe your second sentence. Prove me wrong. What mandate says
> that full hard drive encryption is mandatory versus just encrypting the
> necessary files and folders?  Give me the law and subsection.

I never said that there is a federal/state law/mandate that requires
full disc encryption. See my second sentence below:

SA said: "Encrypting individual files or storing data in encrypted
vaults does NOT meet the security requirements anymore."

A government agency, however, may set certain guidelines/requirements
without a law/mandate in place. And there are some agencies doing just
that in DC. The following are some reasons why full disc encryption is
preferable.

1) Encryption of temporary / swap is important as confidential data
maybe revealed from these files in case of HDD theft.

2) Quick Erase functionality as advertised by Seagate's FDE.2 drive
provide immediate data destruction by replacing the AES key on the
ASIC. This can save thousands of dollar the agency spends in proper
destruction of the HDD. See
http://www.seagate.com/docs/pdf/marketing/po_momentus_5400_fde_bb.pdf

3) user-proof. everything is encrypted if FDE is enabled.

4) pre-boot authentication.


--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------

---------------------------------------------------------------------------
This list is sponsored by: SensePost

Hacking, like any art, will take years of dedicated study and  
practice to master. We can't teach you to hack. But we can teach you  
what we've learned so far. Our courses are honest, real, technical  
and practical. SensePost willl be at Black Hat Vegas in July. To see  
what we're about, visit us at: 

http://www.sensepost.com/training.html
---------------------------------------------------------------------------