Some SSDs advertise support for “hardware encryption.” If you enable BitLocker on Windows, Microsoft trusts your SSD and doesn’t do anything. But researchers have found that many SSDs are doing a terrible job, which means BitLocker isn’t providing secure encryption.
Many SSDs Don’t Implement Encryption Properly
Even if you enable BitLocker encryption on a system, Windows 10 may not actually be encrypting your data. Instead, Windows 10 may be relying on your SSD to do it, and your SSD’s encryption may be easily broken.
That’s the conclusion from a new paper by researchers at Radbound University. They reverse engineered the firmwares of many solid-state drives and found a variety of issues with the “hardware encryption” found in many SSDs.
The researchers tested drives from Crucial and Samsung, but we definitely wouldn’t be surprised if other manufacturers had major issues. Even if you don’t have any of these specific drives, you should be concerned.
For example, the Crucial MX300 includes an empty master password by default. Yes, that’s right—it has a master password set to nothing, and that empty password gives access to the encryption key that encrypts your files. That’s crazy.
The encrypted SSD has a master password that’s set to “”. But don’t worry, customers, you can turn it off! Everything will be fine. pic.twitter.com/hSlPCMyHsi
— Matthew Green (@matthew_d_green) November 5, 2018
BitLocker Trusts SSDs, But SSDs Aren’t Doing Their Jobs
This wouldn’t normally matter—after all, who uses the hardware encryption on an SSD? Windows users would use BitLocker instead. And BitLocker encrypts the files before storing them on the SSD, right?
No comments:
Post a Comment