Self-Encrypting drives, TPM, and 2011 MacBook Pro?

[Morty_DE]

Dear all,

 

First post -- I tried searching, but as an old Windows hand I couldn't really find anything.

 

On 'PCs' there is support for Self-Encrypting Drives (SED) when the PC has a Trusted Computing Module (TPM) on the motherboard. This works so:

 

• I enable the TPM module, and set a BIOS password.
  
• The TPM module sends ATA security commands to the SED drive, which sets the SED drives encryption engine to use this password.
  
• The SED drive encrypts/decrypts all data written/read with an AES encryption, based on the password.
  

The upside -- all data on the HDD is securely encrypted, and a password is required at each boot in order to boot/unlock the PC. And this is 100% transparent/unnoticeable to the operating system and all applications.

 

Now, I would like to switch to a MacBook Pro, with an Intel 320 SSD (which supports SED), and OSX 10.7. However, I'm required to have strong encryption of everything that is stored on a notebook (which can more easily get lost / be stolen).

 

Can anyone tell me, does Apple hardware fully support SED drives? If not, what is the most "integrated", least cumbersome way of using full disk encryption on OSX 10.7?

 

Thank you -- I'm looking forward to ditching Windows!

[vboyz]

You can use the Full Disk Encryption feature of Lion to encrypt EVERYTHING on the hard drive. Note: this requires you have to reinstall Lion. I used FDE and don't notice any performance decrease.