
Windows 10 Bitlocker will use software encryption by default on SSDs

Techspot said:
Most people who buy SSDs and use the baked in hardware encryption capabilities as provided by manufacturers trust their data to be safe. However, it turns out the firmware on these devices is prone to relatively simple attacks that offer hackers an easy way to access your data, so Microsoft is changing the default Windows 10 behavior to use software-based AES encryption regardless of any encryption done internally by the SSD itself.

SSDs are getting faster and cheaper every year, but there's one feature that is as important to professionals, and that is security and encryption. Judging by a security advisory issued by Microsoft last year, it looks like manufacturers are leaving a lot to be desired in that regard.

Techspot said:
The company received many reports of vulnerabilities in the hardware encryption used by self-encrypting drives, so it made some changes with a recent Windows 10 update to enable software encryption by default on any newly connected SSDs. This was discovered by SwiftOnSecurity, who believes Microsoft no longer trusts SSD manufacturers after research has shown that firmware can be easily exploited, thus making locked-down data accessible. Even more concerning is that manufacturers like Seagate expose the update process so much that a determined hacker can easily compromise a storage drive.

 
Meh. If they really care about encryption, and insist on hardware, they'll use an OPAL cert'd drive anyways.

Hardware encryption just isn't trustworthy these days, though. The chips are black boxes, and that's bad.
 
Maybe a hidden volume inside another encrypted volume or drive would help in the case of a stolen laptop. This would not apply to a (complete) boot drive as the OS would not be able to get in.
 
Meh. If they really care about encryption, and insist on hardware, they'll use an OPAL cert'd drive anyways.

Hardware encryption just isn't trustworthy these days, though. The chips are black boxes, and that's bad.

Yeah, even in the sec field I don't even think I can name any of my colleagues that use the built-in encryption.
 
Maybe a hidden volume inside another encrypted volume or drive would help in the case of a stolen laptop. This would not apply to a (complete) boot drive as the OS would not be able to get in.

Someone hasn't met TrueCrypt/VeraCrypt.

That's software encryption, and hardware encryption is likewise bootable. Not much isn't anymore.
 