After searching for "TPM" in our forum's search engine, I'm still left with a couple of questions for my two identical T61p ThinkPads, both with WinXP SP3 as described below in my signature line ... Note: Lenovo's CSS and R&R have been uninstalled by me. Each unit has two 7k320 Hitachi BDE drives (using ultrabay adapters for the 2nd drive in each) and both machines have the HDD PWs enabled. I have to actually enter two separate HDD PWs each time I power up either machine (even if the PWs are the same on each HDD). In addition to the four 7k320 BDE HDDs across both machines, I keep four more Acronis-cloned backup 7k320 BDE drives at any given time stored safely in another building.
Since I cannot find the Atmel TPM listed in Device Manager on either machine and I do not have CSS installed, may I assume my TPMs are disabled? Lending further evidence to that assumption is that I can swap any of my eight PW protected HDDs between the two machines (after a power-down) and they accept the different HDDs at power-up just fine after entering the correct HDD PWs. I even use two different passwords across the eight HDDs ... that is, a different unique HDD PW for each machine.
If my TPMs are in fact disabled, then my BDE drives may not be encrypting data. I think I read somewhere that BDE/FDE drives use the TPM and the HDD PW to generate the encryption key or keys. If they were encrypting the data on the disks, then I should not be able to swap them between different machines (i.e., different TPMs) like I can at present. Does that sound correct?
If my assumption that enabling TPM will limit the use of my HDDs to only one unique machine is correct, then may I presume that the BDE hardware-based encryption feature of my HDDs is not best suited for my situation of needing to be able to swap HDDs between two different machines on a moment's notice ... and that software-based encryption (like I use on my external HDDs) would be more suitable?
Is it true that HDDs (non-FDE/BDE and FDE/BDE) that are used on a TPM "enabled" laptop (with a HDD PW also enabled) can lead to major data transfer headaches if your laptop TPM ever fails and/or the motherboard is replaced (i.e. your PW protected Hard Drives may not be useable on the repaired machine, including your back-up data from cloned PW protected backup HDDs)?
I thought I read somewhere that a PW protected HDD on a ThinkPad (with TPM enabled) will only work on that one ThinkPad.
If my understanding of how TPM works with HDD PWs (both regular and BDE/FDE drives) is correct, then what's the big deal about all the virtues of TPM and CSS for units that need to swap-in different data HDDs from other machines?
Is the TPM feature most suitable for traveling situations where potential theft of the laptop and its data is the major risk (rather than something like a failed motherboard that has to be replaced along with its TPM chip)?
Sorry for the long-winded post ... Thanks