13.6. Using Hardware-Encrypted Drives

All the encryption options mentioned so far in this chapter are software-based. As a result, they all have certain inherent limitations. If the software becomes corrupted because of a disk error, for example, you may be unable to access your encrypted files. A malicious program could conceivably insinuate itself into your system between your encryption software and the operating system, capturing your password as you type it, decrypting data behind your back, or causing other mischief. Because the necessary software must run on the computer accessing the data, moving drives between systems (particularly on different platforms) can be challenging. And in the case of full-disk encryption programs, the time required to encrypt an entire volume (and the restrictions they sometimes place on partitioning) can be hard to swallow.

Wouldn't it be great if your storage device itself were somehow inherently encrypted so you don't have to mess with software at all? In fact, numerous hard drives and flash drives do have one sort or another of built-in encryption, which can solve many of the previously mentioned problems — albeit at a higher cost and with some additional usage complications.

Most devices of this sort fall into one of several major categories, as I discuss next.

Although these devices protect your data from unauthorized access, one peril ...
