Thinkpads Forum

ThinkRob wrote:

Uh... no. A hard drive password (in the ATA security sense) is almost entirely worthless as far as data security is concerned.

OK, let me rephrase myself: on a machine that doesn't support FDE (quite a few ThinkPads that are still in use, including our T43p babies... ) there's nothing more secure in the respect of data protection than a hard drive password. This statement is presuming a Hitachi drive with a FRU. How about that?

ajkula66 wrote: OK, let me rephrase myself: on a machine that doesn't support FDE (quite a few ThinkPads that are still in use, including our T43p babies... ) there's nothing more secure in the respect of data protection than a hard drive password. This statement is presuming a Hitachi drive with a FRU. How about that?

My pedantic eye batted nary a lash at that, good sir.

Re-reading my post, I realize it came off as rather prickly. Sorry about that!

ThinkRob wrote:

Re-reading my post, I realize it came off as rather prickly. Sorry about that!

Nothing for you to be sorry for, I haven't taken it as being prickly, merely passionate and strongly convinced of your beliefs/knowledge, which is always appreciated - at least by me.

So, apart from my little buddy idling in the holster, how do you suggest - all jokes aside - that I protect the data on my less-than-new ThinkPads?

I suggest TrueCrypt

ajkula66 wrote: So, apart from my little buddy idling in the holster, how do you suggest - all jokes aside - that I protect the data on my less-than-new ThinkPads?

LUKS/dm-crypt offers an excellent solution for Linux.

For Windows, there is BitLocker (which I don't trust, as it's closed-source) and TrueCrypt (which is reported to be quite solid.)

It is important to note that any software FDE solution can only provide meaningful protection if the laptop is off at the time of theft/loss/etc. If the laptop is running, recovery of the encryption keys from memory (although probably not feasible for your average "smash 'n grab" crook) is possible.