12
4
I'm currently thinking about buying a ThinkPad X201 and equip it with a SSD drive. Now, to protect my data I always used Linux with LUKS full disk encryption on my laptops. However, as stated in another SuperUser post, this would disable the support for TRIM - so that doesn't seem to be a good idea with a SSD drive.
I've read that SandForce-1200 based SSDs offer integrated AES encryption tied to the BIOS password. However I can't find proper documentation on this. Questions:
- Any general drawbacks to this approach?
- I suppose this would require BIOS support for the feature - how to find out if works on a X201?
- Old BIOS versions only supported short (like 6 or 8 characters) passwords, has this situation improved to provide sufficient security for a disk encryption?
Update: This Source says you can't even set any password on these drives. Huh? That doesn't make sense, why would you even do the complicated AES operatins when you don't allow to use a key?
Thank you for any expert advice on the matter :)
The full-disk encryption slowdown only applies to Sandforce controllers which rely on compression for their speed. – Zan Lynx – 2011-03-24T19:20:08.057
I am going through the same research now as I figure out what to do with my new HP Folio 13's onboard SSD. I really found your blogpost helpful - +1 on the answer you posted. Thanks! – TARehman – 2012-07-25T18:22:51.273
You block requires a password. Does it then makes sense to advertise it here? – maaartinus – 2014-04-18T04:15:39.610
oops sorry about that, I somehow managed to set the wrong wordpress account to private while working on a different one ;) – c089 – 2014-04-19T17:31:12.593