-
September 2nd, 2003, 10:47 PM
#11
The main reason for wanting to use whole HD encryption is that operating systems often litter unrelated parts of the hard drive with bits of applications' data - this could be temporary files, swap files, or just about anything really.
So in order to be totally safe, encrypt the whole HD.
It is true that you would need to have some of the HD unencrypted to store the decryption software - otherwise the bios would have a hard time booting.
But not very much - only just enough to get the system going.
Also, the performance argument is largely irrelevant - modern CPUs can do encryption much faster than modern hard drives can read / write data. There would of course be a performance hit - but not much.
I've run stuff from encrypted volumes before, and it isn't noticably slow.
Also, the OS itself would not be encrypted in RAM, only on disc. Once it's loaded, it would run at full speed.
I can't see any reason why it would not be feasible.
Ok, on Windows it would be a bit tricky, because the software manufacturer would have to write some low-level drivers for use during boot. Also they would have to persuade Windows to install on an encrypted drive. But otherwise it should ok.
On Linux it *should* be a walk in the park, just use an initrd (as Red Hat already do) - which would be unencrypted on a small /boot partition - and store the encryption software in there.
The password would be prompted for at boot time before anything very much loads, and would be retained and used for the entire session.
Slarty
-
September 2nd, 2003, 11:09 PM
#12
Senior Member
Reminds me of the HDLock from Authenex, you need their A-Key to use it, it does the encryption so there's "supposedly" no performance loss, though I'm not so sure that there would be absolutely none. Here's the website, more than likely a little more than what you were looking for but it's a thought.
http://www.authenex.com/products_hdl...ariable=hdlock
Reality is the one who has it wrong, not you
-
September 3rd, 2003, 05:58 AM
#13
Just type in "cipher" at the command line and encrypt all ur folders. Eventually if u cipher all the folders then ur whole HD will be encrypted. If you do this command: cipher \s c:\windows then all the folders and subdirectories (the \s command does this) will be encrypted. So do that for all the folders on the C: drive and use the \s command to make it faster and after some tiem all ur folders/files shall be encrypted. Other users cannot see it and data put on a CD or floppy or emailed will not be able to read it.
-
September 3rd, 2003, 06:02 AM
#14
Thanks for the answer slarty like I said I have never thought of doing that and don't see a reason why I personally would do it. I see why someone else might want to.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|