this post was submitted on 22 Oct 2023
387 points (95.3% liked)

Technology

59148 readers
2260 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
387
Tested: Windows 11 Pro's On-By-Default Encryption Slows SSDs Up to 45% (www.tomshardware.com)
submitted 1 year ago by [email protected] to c/[email protected]
63 comments fedilink hide all child comments
 

Tested: Windows 11 Pro's On-By-Default Encryption Slows SSDs Up to 45%::Windows 11 Pro defaults to BitLocker being turned on, using software encryption. We've tested the Samsung 990 Pro with hardware encryption to show how the various modes impact performance, and how muc

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 45 points 1 year ago (3 children)

Deliberately using software encryption mode is slow; no shocker there. Their same testing showed no significant difference when hardware encryption mode was used.

[–] [email protected] 11 points 1 year ago

There's a reason they default to software though, the hardware can't be trusted:

https://www.tomshardware.com/news/bitlocker-encrypts-self-encrypting-ssds,40504.html

Those people were actually worse off than anticipated because Microsoft set up BitLocker to leave these self-encrypting drives to their own devices. This was supposed to help with performance--the drives could use their own hardware to encrypt their contents rather than using the CPU--without compromising the drive's security. Now it seems the company will no longer trust SSD manufacturers to keep their customers safe by themselves.

Linked from that article:

https://www.zdnet.com/google-amp/article/flaws-in-self-encrypting-ssds-let-attackers-bypass-disk-encryption/

Researchers at Radboud University in the Netherlands have revealed today vulnerabilities in some solid-state drives (SSDs) that allow an attacker to bypass the disk encryption feature and access the local data without knowing the user-chosen disk encryption password.

The vulnerabilities only affect SSD models that support hardware-based encryption, where the disk encryption operations are carried out via a local built-in chip, separate from the main CPU.

[–] [email protected] 7 points 1 year ago

Sure, but I suspect this is the real motivation for the article:

Windows 11 Pro force-enables the software version of BitLocker during installation, without providing a clear way to opt out

It sounds like many people may be using software encryption without realizing it, if Windows 11 Pro uses it by default.

[–] [email protected] 4 points 1 year ago (1 children)

How does one use hardware encryption? Is that a feature that is ssd dependent?

[–] [email protected] 5 points 1 year ago (1 children)

It's SSD dependent and implementation quality may vary between manufacturers and models. Some may not actually protect your data all that well from someone trying to access your data, hence Microsoft defaulting to software they know works.

[–] [email protected] 1 points 1 year ago

Most SSDs don’t even have hardware level encryption.