The disk-encryption facility in FreeBSD-5.0, “geom-crypt”, was designed to give the best possible protection to on-disk stored data and to the person(s) holding key-material to this disk. Designed for strength rather than speed, it provides many features not commonly found in disk-encryption software: In addition to the basic privacy (protecting the data), it features optional facilities for steganography (hiding the fact that the data is there in the first place), multiple key access (allowing a company to have a master-key), blackening (rapid destruction of the key material), provable blackening (proof that the key is no use any more), volatility (“will self-destruct in 5 seconds”) and decoy updates (pretending sectors were modified).