LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Laptop and Netbook
User Name
Password
Linux - Laptop and Netbook Having a problem installing or configuring Linux on your laptop? Need help running Linux on your netbook? This forum is for you. This forum is for any topics relating to Linux and either traditional laptops or netbooks (such as the Asus EEE PC, Everex CloudBook or MSI Wind).

Notices


Reply
  Search this Thread
Old 06-17-2009, 02:11 PM   #1
matiasquestions
Member
 
Registered: Sep 2005
Posts: 65

Rep: Reputation: 15
Internal HDD password or encryption?


Hi!

I've been given a new laptop from work and I'm going to install linux on it. It's a Dell Latitude E5500. Looking into the bios I've found that it has a feature called "Internal HDD Password".

As the information I'm going to have is VERY sensible, I wonder if this is as secure as encrypting the entire disk at the operative system level.

What is the most secure?


Thanks for any suggestion

Matias.
 
Old 06-17-2009, 03:56 PM   #2
farslayer
LQ Guru
 
Registered: Oct 2005
Location: Northeast Ohio
Distribution: linuxdebian
Posts: 7,247
Blog Entries: 5

Rep: Reputation: 191Reputation: 191
E5500 so does that system have a Seagate Momentus FDE (Full Disk Encryption) hard drive ?

And the Wave Security features ? http://www.wave.com/ in Windows it would use the Trusted Drive Manager Software to sync the Hard drive password to your login account password.

That is a very secure system, I'm not sure if it can be fully implemented under Linux or not.. I've always wondered, but I can't reload the laptop I have here, since it belongs to our external sales guy...
 
Old 06-17-2009, 04:03 PM   #3
rjlee
Senior Member
 
Registered: Jul 2004
Distribution: Ubuntu 7.04
Posts: 1,991

Rep: Reputation: 76
Encrypting the disk is by far the more secure.

Setting a password in the BIOS will probably only stop someone from booting up your computer to get at the disk; anyone could simply remove the disk and then plug it into another computer to access it. Or even reset the BIOS on your laptop.

Edit: the above does not apply to Full Disk Encryption (FDE) that Farslayer refers to. There is, however, a well-known way to get the encryption key from an FDE disk if you can access the computer while the power is still on and the machine is booted. So, although much more secure than a BIOS password, I still wouldn't rely on FDE alone.


You haven't said what kind of information (and quite right too!) so I'm going to assume that this is really sensitive information. I would think carefully if it's a good idea to keep such data on a laptop at all; physical access is usually the weakest link in any good security chain and laptops are by definition easy to steal. You should also consider how the data is to be backed up and how backups are to be stored and secured.

If I were in your position, I'd set up a secure link to a physical server on which the data actually resides (possibly a secure VPN, or stunnel with some sort of key-pair rotation), and just use the laptop as a secure thin client; that way, if you find the laptop has been stolen you can just kill the link.

Then again, real disk encryption is probably a good idea even in that scenario.

Last edited by rjlee; 06-17-2009 at 04:12 PM. Reason: Include details of FDE
 
Old 06-17-2009, 05:17 PM   #4
matiasquestions
Member
 
Registered: Sep 2005
Posts: 65

Original Poster
Rep: Reputation: 15
Thank you all guys. I've finally encrypted the entire disk as I've also read somewhere that the disk password, despite it is saved on the disk chipset (controller) and on the disk itself a good data recovery specialist can still get to the data (I think that a good one would also be able to get to the encrypted data anyway, but I think it will be many times harder).


Thanks!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
HDD Encryption Question richinsc Linux - Security 2 09-24-2008 06:17 AM
Installing Ubuntu on External HDD; PC has no internal HDD 449 Ubuntu 2 11-28-2007 05:12 PM
Linux password encryption and data encryption Tux-Slack Programming 4 06-20-2007 06:46 AM
Advanced encryption on hdd Ephracis Linux - Security 1 05-09-2005 04:01 AM
hdd encryption on linux lolinux Linux - Software 2 10-24-2003 06:06 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Laptop and Netbook

All times are GMT -5. The time now is 03:12 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration