How to send banking documents securely over e-mail

When you’re getting a loan, sometimes you have to send documents like bank statements electronically. If you want the money in those bank accounts to actually stay there, you need to protect those documents before you send them.

There are three relatively easy ways to do it, depending on what software you and the person on the other end have.

Read more

Ways to keep your password from being guessed–today

Articles like Ars Technica’s Why passwords have never been weaker — and crackers have never been stronger are getting more and more common these days.

In a positive development, I don’t think the story had been live more than an hour or two before people started asking me questions. That’s good, because that tells me that people care.
Read more

Don’t let what happened to Mat Honan happen to you

Technology journalist Mat Honan infamously had his entire digital life hacked and erased this week. Slate published some advice to keep the same from happening to you, and my former classmate and newspaper staff mate Theo Hahn asked me to comment.

Read more

Using ATA Security eXtension BIOS to add hard drive password protection

Most desktop PCs don’t have the ability to set an ATA password in the BIOS, precluding you from enabling the onboard AES-128 encryption in a drive like the Intel 320 SSD.

If you’re willing to hack your BIOS or burn a boot ROM to put in a network card, Arne Fitzenreiter has ATA Security eXtension (ATASX, or ATA SX)–a way for you to add that support to computers that lack it. Read more

More on the new Intel 320 SSD

A few weeks ago, my security go-to guy, Rich P., bought a new Intel 320 SSD for his netbook.  With my encouragement, of course. It finally arrived this weekend, and he installed it. Rich reports not only faster speed, but also a 30-minute improvement in battery life over the WD Scorpio Black it replaced.

He told me the secure erase function, to enable AES, had a snag. But he solved it. I’m documenting it here in case you ran into the same thing he did.
Read more

Intel’s and Sandforce’s AES-128 encryption is useful, but not for what you think

I spent some time this week with a coworker looking into the AES-128 encryption in current Sandforce and upcoming Intel 320 SSDs, and we’ve concluded it’s no substitute for software full-drive encryption.

This is important, so we’ll talk about it further.

Read more

SSDs and built-in encryption–and how to enable it

Update: This entry was based on preliminary information that turned out to be incorrect. Please see the following update.

One of the last knocks on SSD performance is that they don’t perform well with full-drive encryption. But on Sandforce 1200- and 2200-based drives, and the next-generation Intel 320 drives introduced today, that’s not an issue anymore. Encryption happens on the drive, in hardware, with no performance penalty.

The problem was that nobody talked about how it works. I found the details buried in Anandtech’s review of the Intel 320 drive. The takeaway is this: If you set your BIOS password, the drive will be unreadable if you remove it and put it in another system. Update: No it won’t. But you can add ATA password support, under some circumstances.
Read more