• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3933
  • Last Modified:

Hard Disk Encryption - HP Drivelock vs Windows Bitlocker

We have all HP equipment and for the last few years I have used Drivelock to protect (encrypt?) these drives.  I have concerns that drivelock is not true drive encryption and debating if we should switch to using Bitlocker, we are starting to roll out windows 7 enterprise.  Has anyone had any experience with using Drivelock from HP/Compaq?
0
ltrcne
Asked:
ltrcne
  • 3
  • 3
2 Solutions
 
pand0ra_usaCommented:
DriveLock doesn't encrypt the harddrive it only locks it with a password which is an excellent way to annoy thieves - they may steal your laptop but cannot start it or access your data.

If a DriveLocked drive is connected to a computer that does not support drivelock then the data can not be accessed.

I would complement Drivelock with some form of full disk encryption if the data is that sensitive.
0
 
DavidPresidentCommented:
Later versions of Drivelock WILL do full disk encryption, or it can be used more like a password to unlock unencrypted data.  It comes down to how you configure it.  Note that all encryption can be circumvented via a variety of techniques, that are best not named in a public forum.

The encrypted data can be accessed if the drive is connected to a system that is not using it ... and then this encrypted data can be decrypted.  But this is a standard weakness of any encryption technology that does not also use something like a passkey, fingerprint, or retinal scan.

Both drivelock and Biltocker can be defeated via social engineering.  there are plenty of people out there who will gladly reveal a password if a stranger gives them a convincing story :)
0
 
pand0ra_usaCommented:
Dlethe, it sounds like you don't like encryption. What would you suggest?
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
DavidPresidentCommented:
No, i did not say I didn't like encryption.  I wanted append the comments where you said drivelock doesn't encrypt.  That is no longer the case.

But drivelock & bitlocker are vulnerable via social engineering, but that goes with the territory. Both technologies are the best you can hope for in a PC.  Go with either, just make sure it is latest version, patched, and you don't do a bonehead configuration that opens you up to attack.

There are some great things coming out of Seagate & LSI with a RAID card with built in encryption and a drive that encrypts in hardware.  This is not appropriate for a laptop due to price issues and the need for a PCI slot .. but it does provide an excellent server solution. Encryption is done on-the-fly and at full speed.

0
 
pand0ra_usaCommented:
dlethe, I did have one other question for you, you said "Note that all encryption can be circumvented via a variety of techniques, that are best not named in a public forum.". I used to be a CT (Cryptographer) in the Navy and I am curious as to what the various techniques are that can circumvent encryption (aside from social engineering which like you said fools people not hardware or software)?
0
 
DavidPresidentCommented:
Google can be a wonderful thing to find exploits, but I will not add to the knowledge base by mentioning any of them. Suffice to say, that there are techniques beyond brute force decryption and social engineering.   Some involve hardware,  others involve "circumvention" code.  Thinking outside of the box is helpful also.   I will throw you a bone, since this is well known.   Think about techniques that people used to crack DRM so you can copy "protected", movies, amazon kindles, itunes music; DVRs ...

Those technologies were listed as safe and secure also, and I admit that encryption was limited, but they are examples of outside-the-box thinking.  'nuff said.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now