« Previous Post

The “evil maid” hack can’t touch self-encrypting drives

Pete Steege

Pete Steege

October 28, 2009

evil maid 4There’s a new chink in the armor of software-based drive encryption – the Evil Maid Hack.  Privacy Digest explains how it works

Just like hacks before it (remember Cold Boot?), the Evil Maid doesn’t work on self-encrypting hard drives like those from Seagate.  That’s because encryption is hard-wired into the drive and automatically locks it when power is removed.  Nothing on the drive, including the bootcode, can be accessed without the user’s password.

The Evil Maid would be staring at a password entry screen, cursing away, unable to see let alone change the bootcode.

You can close this gap – in laptops, servers or storage systems – with self-encrypting versions of Seagate Momentus, Savvio, Cheetah, and Constellation drives.

This entry was written by Pete Steege, posted on October 28, 2009 at 2:16 pm, filed under Security and tagged , , , , , , , , , , , , , , . Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

« Previous Post

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*


* Seagate will review all blog submissions and determine, in its sole discretion, whether such submissions will be posted for broader viewing. No blog comment will be considered for posting if deemed potentially damaging to Seagate's reputation or insufficiently aligned with the relevant blog topic. Without in any way limiting the foregoing, no submissions will be posted that contain: confidential company information; profanity; racial slurs; gratuitous references to sex, substance use, or violence; or statements that are in any way contrary to the letter or spirit of Seagate's Code of Business Conduct and Ethics.