this post was submitted on 22 Oct 2023
384 points (95.5% liked)

Technology

59578 readers
2917 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Tested: Windows 11 Pro's On-By-Default Encryption Slows SSDs Up to 45%::Windows 11 Pro defaults to BitLocker being turned on, using software encryption. We've tested the Samsung 990 Pro with hardware encryption to show how the various modes impact performance, and how muc

you are viewing a single comment's thread
view the rest of the comments
[–] MooseBoys@lemmy.world 44 points 1 year ago (3 children)

Deliberately using software encryption mode is slow; no shocker there. Their same testing showed no significant difference when hardware encryption mode was used.

[–] Spotlight7573@lemmy.world 11 points 1 year ago

There's a reason they default to software though, the hardware can't be trusted:

https://www.tomshardware.com/news/bitlocker-encrypts-self-encrypting-ssds,40504.html

Those people were actually worse off than anticipated because Microsoft set up BitLocker to leave these self-encrypting drives to their own devices. This was supposed to help with performance--the drives could use their own hardware to encrypt their contents rather than using the CPU--without compromising the drive's security. Now it seems the company will no longer trust SSD manufacturers to keep their customers safe by themselves.

Linked from that article:

https://www.zdnet.com/google-amp/article/flaws-in-self-encrypting-ssds-let-attackers-bypass-disk-encryption/

Researchers at Radboud University in the Netherlands have revealed today vulnerabilities in some solid-state drives (SSDs) that allow an attacker to bypass the disk encryption feature and access the local data without knowing the user-chosen disk encryption password.

The vulnerabilities only affect SSD models that support hardware-based encryption, where the disk encryption operations are carried out via a local built-in chip, separate from the main CPU.

[–] jvisick@programming.dev 7 points 1 year ago

Sure, but I suspect this is the real motivation for the article:

Windows 11 Pro force-enables the software version of BitLocker during installation, without providing a clear way to opt out

It sounds like many people may be using software encryption without realizing it, if Windows 11 Pro uses it by default.

[–] MrPoopbutt@lemmy.world 4 points 1 year ago (1 children)

How does one use hardware encryption? Is that a feature that is ssd dependent?

[–] Spotlight7573@lemmy.world 5 points 1 year ago (1 children)

It's SSD dependent and implementation quality may vary between manufacturers and models. Some may not actually protect your data all that well from someone trying to access your data, hence Microsoft defaulting to software they know works.

[–] KairuByte@lemmy.dbzer0.com 1 points 1 year ago

Most SSDs don’t even have hardware level encryption.