
Encrypted disk contents are not actually encrypted

Published: 7.11.2018 12:00 | Topics: ssd, security

Researchers at Radboud University in the Netherlands have discovered that several SSDs that offer hardware encryption of their contents implement it only superficially.

They examined the firmware of several SSDs (accounting for about 50% of today's SSDs) and found that attackers can read the contents of the drives without entering any kind of password or encryption key. They report that on one drive the contents could be unlocked with "any password" because the password check did not work at all, while on another it was enough to enter a blank password, that is, to just press the Enter key.

The report explicitly lists the following affected SSDs: the Crucial (Micron) MX100, MX200 and MX300, the Samsung T3 and T5 external USB drives, and the Samsung 840 EVO and 850 EVO.

The story does not end there: it continues with Microsoft and BitLocker, the disk encryption that is part of Windows (including Windows Server). When a user (or a company system administrator) decides to encrypt a disk with BitLocker, BitLocker checks whether the SSD offers hardware encryption and, if it does, uses it automatically. In that case BitLocker encryption silently becomes "SSD disk encryption", which, as we have already written, sucks.

Microsoft has already issued a security advisory on the matter, which recommends using Windows Group Policy to make BitLocker use software encryption. In practice the correct procedure is more complicated, because the disk must first be decrypted, then the Group Policy setting for encryption changed, and then the disk encrypted again.
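One way to check whether a Windows machine is in the situation described above, as an added example that is not part of the original article: the script lists BitLocker volumes that report hardware encryption and shows how the Group Policy settings for hardware-based encryption are configured. It assumes an elevated PowerShell session with the BitLocker module available.

```powershell
# Added example (not from the article): audit BitLocker for drive-provided encryption.
# Assumes an elevated session and the BitLocker PowerShell module.

# Registry values written by the "Configure use of hardware-based encryption for
# operating system / fixed data / removable data drives" Group Policy settings.
$policyKey   = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
$policyNames = 'OSHardwareEncryption', 'FDVHardwareEncryption', 'RDVHardwareEncryption'

function Get-HardwareEncryptionPolicy {
    foreach ($name in $policyNames) {
        # A missing key or value means the policy is not configured.
        $item  = Get-ItemProperty -Path $policyKey -Name $name -ErrorAction SilentlyContinue
        $value = if ($item) { $item.$name } else { $null }
        $state = if ($null -eq $value) { 'NotConfigured' } elseif ($value -eq 0) { 'SoftwareOnly' } else { 'HardwareAllowed' }
        [pscustomobject]@{ Policy = $name; State = $state }
    }
}

function Get-HardwareEncryptedVolume {
    # EncryptionMethod reads 'HardwareEncryption' when BitLocker relies on the drive itself.
    Get-BitLockerVolume |
        Where-Object { "$($_.EncryptionMethod)" -eq 'HardwareEncryption' } |
        Select-Object MountPoint, VolumeType, VolumeStatus, ProtectionStatus, EncryptionMethod
}

Get-HardwareEncryptionPolicy | Format-Table -AutoSize

$affected = @(Get-HardwareEncryptedVolume)
if ($affected.Count -eq 0) {
    Write-Output 'No BitLocker volume reports hardware encryption.'
} else {
    $affected | Format-Table -AutoSize
    # Order of steps as given in the article; nothing is changed by this script.
    Write-Warning ('These volumes depend on the SSD firmware for encryption. ' +
        'Decrypt the volume, set the policy to software encryption, then encrypt it again.')
}
```

Changing the policy alone does not convert a volume that is already encrypted, which is why the script reports both the policy state and the method each volume actually uses.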

The Dutch researchers reported the SSD flaws a few months ago, and since then the firmware has been updated "wherever possible". They also recommend that, instead of closed-source products such as BitLocker, we use open-source products such as VeraCrypt.
