[FDE] tablets again

Bryan Glancey bryan at mobilearmor.com
Thu Jul 26 08:53:36 MDT 2007 

The Cannot part is not true. The Pen drivers can be loaded into the
Pre-boot environment. We do it today.

Regards;

Bryan

------------------------------------
Mobile Armor
Bryan E. Glancey
Co - Founder & Chief Technology Officer
bryan at mobilearmor.com
400 South Woods Mill Rd.
Suite 110
Chesterfield, MO 63017
tel: 877-276-6778
fax: 877-277-7369
mobile: 314-495-2048
http://www.mobilearmor.com/
------------------------------------


-----Original Message-----
From: fde-bounces at www.xml-dev.com [mailto:fde-bounces at www.xml-dev.com]
On Behalf Of Michael Jardine
Sent: Wednesday, July 25, 2007 4:12 PM
To: fde at www.xml-dev.com
Subject: Re: [FDE] tablets again

       Robin,
         
         I too have a Thinkpad X60 and can confirm that a truly secure
pre-boot authentication does not (and cannot) work in tablet mode
because
you are authenticating to the computer before the operating system has
access.  The only way to get around this would be to load pen drivers
into
the pre-boot environment.   However with the X60 you can authenticate
using
the keyboard, then go into tablet mode.  Is there a reason why you
cannot
start off in keyboard mode?
         This may be off topic, but I had issues with the fingerprint
reader
on my X60.  When I put the computer into standby mode, about half the
time
it would then freeze the system upon resuming. I believe this is related
to
how the fingerprint reader re-authenticates to the system after it goes
into
standby, during which time the hard drive is still powered. In the end,
it
is more secure to simply go into Hibernation.  However you would have to
configure this manually if you purchase a computer that has a licensed
OEM
version of Microsoft Windows since the default is always standby when
closing the cover.  When considering FDE software, be sure to check how
it
behaves when resuming from both standby mode and from hibernation.
      
   
   Regards,
   Michael Jardine
   SECUDE IT Security - Seattle
   
   
   -----Original Message-----
From: fde-bounces at www.xml-dev.com [mailto:fde-bounces at www.xml-dev.com]
On
Behalf Of robin
Sent: Wednesday, July 25, 2007 6:14 AM
To: fde at www.xml-dev.com
Subject: [FDE] tablets again
   
   I found out the hard way that tablets and fde are not a good combo.
We 
   would like to use pre-boot authentication with a password on tablets
in
   tablet mode (no keyboard). Ideally this would not involve
fingerprints.
   if we HAVE to I guess we could use usb tokens. I am finding that this
is
   not a piece of cake and it may be that there is NO product in
existence
   that can handle the scenario of entering the id/password via a screen
   keyboard. Is there?
   
   The possible choices for laptops are gateway m285e and lenovo x60.
(No 
   levono does NOT provide fde in the "client security center" as they 
   apparently did in the x41 despite being incorrectly told that they do
by 
   a sales rep. They say that it can be done with an additional product 
   from utimaco but I can't find anything that describes how that works 
   anywhere. If how it works is via the fingerprint reader then forget 
   that. [I personally have never been able to get my fingerprints to
pass 
   one of those on any vendor's model so I'm definitely not going to try
to 
   get users to do it over the phone.)If it works via usb smart card
then I 
   guess we have to deal with the losing tokens scenario which I'd
really 
   rather not deal with :-(
   _______________________________________________
   FDE mailing list
   FDE at www.xml-dev.com
   http://www.xml-dev.com/mailman/listinfo/fde

_______________________________________________
FDE mailing list
FDE at www.xml-dev.com
http://www.xml-dev.com/mailman/listinfo/fde

More information about the FDE mailing list