SSD "encryption"
2018-11-06 15:40:46.396166+00 by Dan Lyke 0 comments
A paper [PDF] drawn up by researchers Carlo Meijer and Bernard van Gastel at Radboud University in the Netherlands, and made public today, describes these critical weaknesses. The bottom line is: the drives require a password to encrypt and decrypt their contents, however this password can be bypassed, allowing crooks and snoops to access ciphered data.
Seems to impact several models of Crucial and Samsung SSDs, and Bitlocker.
There's also the more general problem that architecture should allow unencrypted data on as few external buses as possible, so any solution which puts the encryption in the disk hardware is a bad idea. But this is pretty much dong nothing.