Tested: Windows 11 Pro’s On-By-Default Encryption Slows SSDs Up to 45%::Windows 11 Pro defaults to BitLocker being turned on, using software encryption. We’ve tested the Samsung 990 Pro with hardware encryption to show how the various modes impact performance, and how muc

  • @Spotlight7573
    link
    English
    111 year ago

    There’s a reason they default to software though, the hardware can’t be trusted:

    https://www.tomshardware.com/news/bitlocker-encrypts-self-encrypting-ssds,40504.html

    Those people were actually worse off than anticipated because Microsoft set up BitLocker to leave these self-encrypting drives to their own devices. This was supposed to help with performance–the drives could use their own hardware to encrypt their contents rather than using the CPU–without compromising the drive’s security. Now it seems the company will no longer trust SSD manufacturers to keep their customers safe by themselves.

    Linked from that article:

    https://www.zdnet.com/google-amp/article/flaws-in-self-encrypting-ssds-let-attackers-bypass-disk-encryption/

    Researchers at Radboud University in the Netherlands have revealed today vulnerabilities in some solid-state drives (SSDs) that allow an attacker to bypass the disk encryption feature and access the local data without knowing the user-chosen disk encryption password.

    The vulnerabilities only affect SSD models that support hardware-based encryption, where the disk encryption operations are carried out via a local built-in chip, separate from the main CPU.