The encrypted contents of the disk are not really … encrypted


Posted: 7/11/2018 12:00 Topics: ssd, security

Researchers from the University of Radboud in the Netherlands have discovered that many SSD manufacturers that offer hardware encryption have implemented it very superficially.

They examined the firmware of several SSDs (a total of about 50% of today's SSDs) and found that hackers can read the content of the disks without entering any password or encryption key. They claim that the content of one disk could be unlocked with "any password", because the verification system did not work at all, while another could be unlocked with a blank password, so it was only necessary to press the Enter key.

The report explicitly names the Crucial (Micron) MX100, MX200 and MX300, the Samsung T3 and T5, and the Samsung 840 EVO and 850 EVO as such unsecured SSDs.

The story does not end there: it continues with Microsoft and BitLocker encryption, which is part of Windows (including Windows Server). When a user (or a system administrator in a company) decides to encrypt a disk using BitLocker, BitLocker checks whether the SSD offers hardware encryption and, if it does, uses it automatically. In this case BitLocker encryption silently becomes "SSD encryption", which, as we have already mentioned, is flawed.

Microsoft has already issued a security warning about this, recommending that you use Windows Group Policy to select BitLocker's own (software) encryption. The correct procedure is more complicated than a policy change alone, because the disk must first be decrypted, the group policy changed, and the disk then re-encrypted.
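The check that precedes that procedure, as an added example (not code from the article, the researchers or Microsoft): it lists which BitLocker volumes currently rely on the drive's own encryption and what the hardware-encryption policy is set to. It assumes an elevated session with the BitLocker PowerShell module available; the report layout and variable names are illustrative.

```powershell
#Requires -RunAsAdministrator
# Added example: audit BitLocker volumes that delegate encryption to the SSD.

# Registry values written by the Group Policy settings
# "Configure use of hardware-based encryption for ... drives".
# 0 = hardware encryption disabled, so BitLocker encrypts in software.
$policyKey   = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
$policyNames = 'OSHardwareEncryption', 'FDVHardwareEncryption', 'RDVHardwareEncryption'

$policy = Get-ItemProperty -Path $policyKey -ErrorAction SilentlyContinue
foreach ($name in $policyNames) {
    $value = if ($policy -and $null -ne $policy.$name) { $policy.$name } else { 'not configured' }
    Write-Output ("Policy {0,-22} = {1}" -f $name, $value)
}

# EncryptionMethod reads 'HardwareEncryption' when BitLocker handed the work
# to the drive; Aes*/XtsAes* values mean BitLocker does the encryption itself.
$report = Get-BitLockerVolume | ForEach-Object {
    [pscustomobject]@{
        MountPoint       = $_.MountPoint
        VolumeStatus     = $_.VolumeStatus
        EncryptionMethod = $_.EncryptionMethod
        UsesDriveCrypto  = ("$($_.EncryptionMethod)" -eq 'HardwareEncryption')
    }
}
$report | Format-Table -AutoSize

$atRisk = @($report | Where-Object { $_.UsesDriveCrypto })
if ($atRisk.Count -gt 0) {
    # Changing the policy alone does not convert an already encrypted volume.
    # Order described in the article:
    #   1. decrypt the volume              (Disable-BitLocker -MountPoint <drive>)
    #   2. set the policy to disable hardware encryption
    #   3. encrypt the volume again        (Enable-BitLocker with your key protectors)
    Write-Warning ("Volumes using SSD hardware encryption: " + ($atRisk.MountPoint -join ', '))
    exit 1
}
Write-Output 'No volume relies on SSD hardware encryption.'
```

A non-zero exit code makes the script usable as a compliance check in a management tool; run it again after re-encryption to confirm that `EncryptionMethod` no longer reads `HardwareEncryption`.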

The Dutch scientists warned the SSD manufacturers about the flaws a few months ago, and in the meantime firmware updates have been made available "as far as possible". They also recommend that, instead of closed vendor products such as BitLocker, we use open-source products such as VeraCrypt.
