Trei, Peter

ABIT has come out with a new motherboard, the "IC7-MAX3" featuring something called 'Secure IDE', which seems to involve HW crypto in the onboard IDE controller:

From the marketing fluff at http://www.abit.com.tw/abitweb/webjsp/english/news1.jsp?pDOCNO=en_0307251

"For MAX3, the ABIT Engineers listened to users who were asking for information security. SecureIDE connects to your IDE hard disk and has a special decoder; without a special key, your hard disk cannot be opened by anyone. Thus hackers and would be information thieves cannot access your hard disk, even if they remove it from your PC. Protect your privacy and keep anyone from snooping into your information. Lock down your hard disk, not with a password, but with encryption. A password can be cracked by software in a few hours. ABIT's SecureIDE will keep government supercomputers busy for weeks and will keep the RIAA away from your Kazaa files."

No, I have no idea what this actually means either. I'm trying to find out.

Peter Trei

Yeah, I know it's tacky to followup ones own messages, but I found a little more: http://www.abit.com.tw/abitweb/webjsp/english/SecureIDE.htm "SecureIDE is a encryption device that uses the eNOVA X-Wall chipset that ensures confidentiality and privacy of your data through disk encryption. When booting up your system, go to DOS and implement the FDISK instruction. This instruction will make a partition to format the Hard Disk to accept the secure IDE key. After this procedure, there are no more extra steps to perform besides using the key to "open" the hard disk each time you boot up your system." The accompanying diagram shows a daughterboard sitting between the HD and the system, with a USB dongle coming off the side. eNova has more info at: http://www.enovatech.com/w/html/about.htm The USB dongle apparently acts only as a key store, for a DES or 3DES key. It needs to be present at boot time. It appears that the key is put on the device by the manufacturer !!!! though they promise "Enova Technology does not maintain a database of X-Wall Secure Keys". On the good side, it seems to encrypt the whole disk, including the boot sector and swap. No info on chaining modes, if any, nor of IV handling. There is no mention of a PIN or other 'something you know' required to use the USB key. I can't tell if pulling the dongle shuts down the system. Might be neat, but as yet, insufficient information. Peter