Encryption is a process to protect data by using sophisticated mathematical functions. Data is scrambled when written to the drive. This data is then not readable by an unauthorised person. When data is read back from the drive by an authorised person it is then converted back into readable data. Usually authorisation is provided by a password of some sort.
When using encryption, there are few things to watch out for
If you forget your password, you will be locked out of your own data. Be careful.
If your hard drive starts failing you could lose access to all your data.
You need regular backups if using encryption, as it is usually uncrackable.
Data is encrypted when the computer is off, but if someone accesses the disk while powered on they can access the data the same way you can.
Ideally, if you plan to use encryption try to speak to somebody knowledgeable about the system you have. The way a Mac handles things is very different to the way Windows does, which is different again to the third party options.
Users of PGP Whole Disk Encryption for Mac are advised agains the recent system update to Snow Leopard 10.6.5. Reports of users getting stuck in a reboot loop after the update have been appearing on PGP forums. The official advice is to first decrypt, then install the update, then encrypt again. More details of this can be found on Threatpost, with links for people that have already performed the update and are now locked out of their systems.
It was interesting to read this article recently which shows how strong current encryption technology is. The FBI and other organisations were apparently unable guess or crack the pre-boot passwords of criminal’s hard drives using a technique known as a dictionary attack. As it’s name suggests, a dictionary attack uses a combination of known words to attempt to guess the password. This is opposed to a brute force approach which would start from one series of characters and continue in a sequence to guess possible combinations.
It is worth remembering that if you are going to encrypt your hard drive that even the FBI can’t access your data if you forget the password. Also if the bootable part of your hard drive becomes unstable, it can be almost impossible to gain access to your data, even with the password. Make sure you test out your disaster recovery process on an encrypted drive, before you trust your crucial data to it. And also make backups somewhere that can be accessed quickly if required. Some large drives can take a day to decrypt even if they are fully functional.
Fujitsu’s new 80-320GB “MHZ2 CJ” drives come with a nice added feature. Not only do they spin at a reasonable 7200rpm, they also have the ability to totally lock you out of your data (And throw away the key). With AES-256 encryption you you can be sure that a forgotten password would wave bye-bye to your data. Currently, AES has yet to be broken in a feasible way, leaving a lengthy brute-force attack as the only option. I question the implementation, as we have seen a number of problems with hard drive passwords which are stored on the drive in the service area. Quite often the passwords become corrupt leaving the user locked out of their drive. The only way to overcome hard drive passwords is by low-level firmware repair, effectively removing the password. This is likely not an option with disk encryption as you would expect a much more robust system.
Whichever way you look at an encrypted drive, it could cause major problems to people needing data recovery. Is it just a clever marketing scheme in a paranoid market or is there some really secure basis for the new technology. I can’t wait to get my hands on one and find out.