Anyone using SecureDoc Full-Disk Encryption for Mac from WinMagic?

A non enterprise disk can not work with the HW-FDE-Activation by WinMagic. Although they call themselves winMAGIC they can't do what can't be done. Apple EFI-Implementation is flawed, it lacks the BIOS-Compatibility needed to enable IDE_Security. The Non-Enterprise FDE relies on the so called Harddisk Password to enable the drive lock. There is no way (despite patching the EFI in the Apple Notebook) to enable such a drive (non enterprise) on a Mac.

Hi folks,

When I spoke to Seagate, they simply said that the FDE drives didn't care what platform they were put into and I should speak to WinMagic about what they can/cannot do. I did that and I have in writing (confirmed very specifically 🙂 that the ST9500421AS has been tested and shown to work by WinMagic. Therefore, that's what I'm planning to get 🙂

Rgds,

Guy

Hi idifix,

Well, I'm currently away from home on business so I doubt I'll get round to it for a little while. It may end up being a project for over the Christmas holidays. My APP expires over the Christmas holidays too, so I'll be less concerned about blowing my warranty by then.

I got very similar responses from Seagate. They just said it doesn't matter which one you choose and their disks don't care which device they're in or which OS is on them. I tend to treat responses from these "helpdesks" with a little caution because they're not normally setup to answer detailed technical questions.

I have built a USB recovery disk, if that's what you mean. I also have a backup disk that is a clone of my current disk. I didn't try booting it (rather foolishly) before I came away on business. It's a firewire disk so not quite what you're asking.

Theoretically, you should be able to still get to the external disk with Cmd-Option-Del at startup, IIRC. Alternatively, if everything is going well, just plug in your backup disk, then go into System Preferences and select the startup disk for the next reboot then perform the reboot.

Rgds,

Guy

SilentCry wrote:
But please do not overestimate the advantage of 7200rpm. I have no link at hand right now but I remember tests where 5.400 rpm notebook hdds where ahead of the 7.200 models.

FWIW, tests generally show that bigger drives on the average perform better than smaller ones simply because more data sectors reside on the higher density outer tracks. So, a substantially larger 5400 rpm drive often outperforms a smaller 7200 rpm one, even though the latter has inherently lower latency (the time it takes for a sector of interest on the average to spin to the head position, determined strictly by platter rpm) & always sweeps through more of a track per unit time (also determined strictly by platter rpm).

Because laptop drives must be compact, they generally are built with fewer, higher density platters. And because they must be energy efficient, they generally use weaker platter motors that take longer to spin up to operating speed & less powerful head positioning assemblies that increase track-to-track seek times.

So it isn't as simple as one might think. Spin rate is only one of several parameters that determine what would be the best drive for a laptop for a particular user.

I'm three months into the research of SecureDoc as a viable alternative to FileVault. The technicians and sales support at WinMagic have fielded dozens of my emails and answered many of my questions. I'll recap my experience here.

While the WinMagic website is vague on personal protection and is seriously geared to sell enterprise disk encryption--not personal software--the sales team assures me that a personal protection solution is available for $124.00 (software only). For an additional and annual maintenance fee of $25, personal users receive Tech support and Free Upgrades to the software.

I installed and configured SecureDoc without a Seagate FDE drive. The installation process involves running an installer package in OS X, rebooting, and beginning the lengthy encryption process. During installation, do not use a password longer than 31 characters--the current edition only accepts 31 characters at pre-boot while accepting an indefinite number of characters during installation. You will be without your data if you do not heed this warning. The engineers will resolve it in the next update.

I tested rebooting, power loss, and application crashes during the encryption process. After a reboot, the encryption resumed without error and took the better part of an entire day to secure the 350GB OS X partition.

SecureDoc creates two unique, 5MB partitions after the first reboot during installation, and these partitions are used during pre-boot. They accompany the 200MB EFI system partition, the OS X partition, and the BOOTCAMP partition, if it exists.

Partition scheme:
http://files.uploadffs.com/a/5/bfa55308/capture20091212_at_11.41.53AM.png

Once the partitions are created and SecureDoc begins encrypting the drive, your data is protected behind the SecureDoc pre-boot logon and the < 32 character password you chose during installation. Holding Option at power-on now displays any removable and bootable media alongside the SecureDoc pre-boot logon partition and the BOOTCAMP partition, if it exists.

I vaguely recall the technical support technician telling me that the BOOTCAMP partition CAN be encrypted, but only when SecureDoc is used with a Seagate FDE drive. This warrants additional research.

Time Machine continues to back up my OS X partition as it did before. However, I'm concerned about how one would do any of the following:

* A full-system restore from Time Machine or Time Capsule backup after hard drive replacement
* An OS X system restore from Time Machine or Time Capsule backup

I say this because I don't know how one can restore into the encrypted OS X partition by booting to the OS X installation DVD. It's possible that the restore process is as simple as formatting the encrypted OS X partition and restoring the Time Machine or Time Capsule backup to it, booting to it as you normally would, and running the SecureDoc installation/encryption again.

On the other hand, the restoration may require you delete the two SecureDoc 5MB pre-boot partitions, format the encrypted OS X partition, and THEN restore from backup. All this would of course be followed by a re-installation of the SecureDoc software and encryption of the OS X partition--again.

I just haven't had the guts to try, nor have I needed to try either scenario.

Let me complicate the Time Machine backup even more. Time Capsule stores your Time Machine backup in a securely encrypted sparsebundle disk image on a network share. Time Machine, however, when used with an attached hard disk drive DOES NOT encrypt the backup unless File Vault is enabled. Thus, while your primary OS X partition remains securely protected by SecureDoc, all of your data remains insecurely available in the Time Machine backup. Guess what: File Vault is not yet supported by SecureDoc.

Therefore, to secure a Time Machine backup, the solution is to either use a Time Capsule device or to secure the "removable media" in SecureDoc with encryption.

Using SecureDoc to encrypt the removable media may mean that you CANNOT access it as a Time Machine backup from the OS X installation DVD. You may ONLY be able to restore from this Time Machine backup from within the booted and fully functional OS X that you used to secure the media in the first place.

Go fish.

In conclusion, I have to wonder if this full disk encryption is not causing me more trouble than it's worth. With FileVault, my user data IS encrypted on the system partition AND in my external backup. I can restore a full system, or individual files. Furthermore, I can mount the FileVault backup on another Mac and access its contents with password authentication. All this for the mere inconvenience of logging out to perform the backup.

SecureDoc by WinMagic has a long way to go before it is a secure, usable, and recoverable alternative to FileVault.

Message was edited by: brianstanfill

idifix wrote:
The reason I encrypt my MBP, is because I want to protect my personal data when my MPB is stolen or when its in a repair shop for example. Also, when I discard my hard drive, I don't have to worry about my data.

As I understand it, your only objection to using FileVault for this is its vulnerability to a frozen RAM attack, which exploits the fact that the encryption key is stored in RAM & RAM loses its data slowly, especially if chilled to low temperatures.

If so, then theft is really the only scenario you need to worry about: you can easily make sure the computer has been shut down long enough for the key to be lost from RAM before taking the Mac in for repair (in fact, it would be hard to avoid it!) & when discarding a drive all that matters is how strongly the data on it is encrypted.

For the theft scenario I wonder if it would be possible to eliminate the memory retention vulnerability with a small software modification that simply overwrote the encryption key in RAM with another data pattern at the appropriate time, like just before a screensaver or sleep mode started up. Maybe I'm missing something, but in articles discussing the attack it has been suggested that an effective but impractical defense would be for the OS to overwrite the key at frequent intervals, requiring constant & inconvenient reentry of the key by users. Thus, I assume the basic idea is sound & it is only the inconvenience that makes it impractical, which this approach would seem to eliminate.

I doubt that it would be much of a challenge to implement this. Apple could probably incorporate it into an OS update or security patch; it might even be straightforward enough that the open source community could do it. I don't see any downside -- it involves only a tiny amount of RAM so execution time would be negligible, making it practical even for forced sleep when a laptop's battery is nearly exhausted. And because it addresses the source of the vulnerability (memory retention), it would seem to eliminate it completely.

Any thoughts on this would be welcome.

to idefix: My Version of SecureDoc 4.0.16 runs on 10.6.2. It is not beta.

to R C-R: FileVault has many other Flaws. Yes, frozen RAM is a major concern. But also the fact that if an attacker can force the Mac to suspend to disk you have the Key in the hibernation file. And FileVault is not very well supported by TimeMachine. And it is a performance issue to use it. And, not to forget, it is vulnerable to frozen RAM.

Your theory to overwrite the key is impracticable. As long as the Container is open the key MUST BE in RAM. Only on logoff the key could be overwritten. You could never again leave your machine.

The only way to be safe and (at best effort) comfortable is either a sealed RAM or the solution with a HW FDE.

SilentCry wrote:
But also the fact that if an attacker can force the Mac to suspend to disk you have the Key in the hibernation file.

So what? It is still encrypted, right? If it were not, FileVault would be useless.

Your theory to overwrite the key is impracticable. As long as the Container is open the key MUST BE in RAM. Only on logoff the key could be overwritten. You could never again leave your machine.

I don't understand this. Why must the key be in RAM when the Mac sleeps or goes into screen saver mode? The key is only needed to encrypt or decrypt files, so it could be overwritten once the needed files were moved to RAM. The user would then have to reenter it on wake or when coming out of screen saver mode to get further access to files.

Hi R C-R

I tried File Vault and it imposed too many changes to my usual workflow. Basically, I was exchanging one form of security (easy and regular backups) for another (disk encryption). I pretty quickly backed out of FileVault.

I dumped PGP because the encrypted volume I had managed to corrupt some contents irretrievably.

So far, SecureDoc looks good to me. My workflow is just as before and I've not had any issues with the behaviour of the product.

Rgds,

Guy

PGP has had Full Disk Encryption for Snow Leopard for a couple months now. They had a public beta for it back in Sep last year! It supports Bootcamp as well, I have Win 7 and Snow Leopard dual boot.
It's really fast as well and does not impact my Time Machine backups at all. Best of all you can buy a single copy right off of there webstore. As for the cold boot attack stuff PGP switches the key in memory to prevent burn in and also wipes it when you put the system to sleep or shutdown for example.

OK, well I finally got round to buying the Seagate Momentus FDE.2 7400 (ST9500421AS) and installing it. That part went surprisingly easily just following the instructions on ifixit. I formatted the disk as MacOS Extended (Journaled) and restored direct to the new disk from my cloned backup. All good so far.

I then tried to re-install SD and it is currently complaining that it cannot upgrade from 4.0.16 to 4.0.16 so I'm waiting on a response from their support folks. I have every confidence that they'll be back to me really soon and we'll get it fixed.

I'm more pleased that (touch wood) there have been no issues at all regarding the use of the ST9500421AS in my MBP 17" Core2Duo. Some of the other messages I've found online have told very scary stories of how it all went wrong. I didn't have any issues at all, just like the WinMagic support guys said would be the case 🙂

Rgds,

Guy