Seagate now offers a 2.5" SATA drive with hardware encryption. Although it isn't yet ready for Windows Vista, the encryption doesn't affect performance, and we found it a solution worth considering for businesses.
As a matter of fact, Vista was not ready for the Seagate drive. Interesting note: The Seagate Momentus FDE.2 is now available for the Vista OS. The OEMs shipping FDE.2 drives have the Vista patch available.
While the SECUDE solution is a viable solution it nevertheless lacks the fundamental TPM management capabilities. A better solution is the one from Wave Systems ( http://www.wave.com ) for client and concurrent centralized management of TPMs and FDE.w hard drives. This solution is shipping from Dell and NEC today.
1) if the encryption can be removed from windows, then it isn't the bits on the drive that's encrypted, but rather the data sent from the firmware to the controller that is? If such were the case, one'd assume a hacked firmware could become available effectively voiding the encryption....
2) How's the options for fixing a broken windows ? Let's face it, getting the wrong driver update from microsoft update, or human error in some way or another might cause the need for a recovery console booted from the windows cd - would that be possible? Seeing you're not really using the boot partition on the harddrive, but rather the bootloader from the cd, I assume you've not initialized the encryption? Or would it require booting using the boot partition, get the bluescreen, and warmboot onto the cd?