Microsoft stops trusting SSD maker hardware encryption

Printable View

30-09-2019, 11:11 AM
HEXUS

Microsoft stops trusting SSD maker hardware encryption

Quote:

Makes software encryption the default for newly encrypted drives.

Read more.
30-09-2019, 11:41 AM
azrael-

Re: Microsoft stops trusting SSD maker hardware encryption

Because Microsoft has such a stellar record when it comes to bug-free code...
30-09-2019, 11:52 AM
Tabbykatze

Re: Microsoft stops trusting SSD maker hardware encryption

Quote:

Originally Posted by azrael-

Because Microsoft has such a stellar record when it comes to bug-free code...

That doesn't exonerate the SSD manufacturers.

Because one doesn't have a stellar record doesn't excuse the issues found in others.
30-09-2019, 01:00 PM
Dashers

Re: Microsoft stops trusting SSD maker hardware encryption

Fantastic straw-man argument there azrael.

It's a great shame the people tasked with implementing security have such a poor understanding with the fundamentals (such as not using a generic password for everybody).
30-09-2019, 01:46 PM
chinf

Re: Microsoft stops trusting SSD maker hardware encryption

More importantly - should we trust any closed & proprietary security platform that has no credible, comprehensive and continuous independent security auditing, regardless of manufacturer?
01-10-2019, 09:09 AM
azrael-

Re: Microsoft stops trusting SSD maker hardware encryption

Quote:

Originally Posted by Tabbykatze

That doesn't exonerate the SSD manufacturers.

Because one doesn't have a stellar record doesn't excuse the issues found in others.

I quite agree with you on this. It's just with all the bungled updates, bugs and what not courtesy of Microsoft they probably shouldn't pretend to know better. I orginally intended to state "Pot, meet Kettle". Perhaps I should have.

Quote:

Originally Posted by Dashers

Fantastic straw-man argument there azrael.

It's a great shame the people tasked with implementing security have such a poor understanding with the fundamentals (such as not using a generic password for everybody).

Not quite sure what you mean with "straw-man argument". I'm not defending manufacturers of SSDs. I just believe Microsoft should take care of their own flaws before pointing the finger.

Quote:

Originally Posted by chinf

More importantly - should we trust any closed & proprietary security platform that has no credible, comprehensive and continuous independent security auditing, regardless of manufacturer?

Very well said, tbh.
01-10-2019, 10:45 AM
Tabbykatze

Re: Microsoft stops trusting SSD maker hardware encryption

Quote:

Originally Posted by azrael-

I quite agree with you on this. It's just with all the bungled updates, bugs and what not courtesy of Microsoft they probably shouldn't pretend to know better. I orginally intended to state "Pot, meet Kettle". Perhaps I should have.

There's a big difference between bugs in millions of lines of code and secure enclave having a bug that allows you to reset all the encryption keys on a drive giving you full access to the encrypted contents.
01-10-2019, 11:00 AM
Mr_Jon

Re: Microsoft stops trusting SSD maker hardware encryption

So...if one has a drive that they have deemed untrustworthy, does bitlocker need turning off and on again to benefit from the update?
01-10-2019, 11:57 AM
azrael-

Re: Microsoft stops trusting SSD maker hardware encryption

Quote:

Originally Posted by Tabbykatze

There's a big difference between bugs in millions of lines of code and secure enclave having a bug that allows you to reset all the encryption keys on a drive giving you full access to the encrypted contents.

Not really. I'm saying this as a developer ...fighting bugs on a daily basis. A bug is a bug.

TBH, if I really wanted software encryption I'd probably use VeraCrypt. At least that *is* open source and independently audited.
01-10-2019, 12:25 PM
Tabbykatze

Re: Microsoft stops trusting SSD maker hardware encryption

Quote:

Originally Posted by azrael-

Not really. I'm saying this as a developer ...fighting bugs on a daily basis. A bug is a bug.

TBH, if I really wanted software encryption I'd probably use VeraCrypt. At least that *is* open source and independently audited.

Bitlocker is independently audited and is trusted as an industry standard for Windows products, just as FileVault 2 is for Mac.

Just because it's "Open Source" does not make it better or even more trustworthy, look at OpenSSL and Heartbleed.

As a developer, then you should know the difference between a bug causing an issue and an egregious design flaw resulting in security being classified as "null".
16-12-2019, 11:12 AM
tankizzy

Re: Microsoft stops trusting SSD maker hardware encryption

Quote:

Originally Posted by Tabbykatze

Bitlocker is independently audited and is trusted as an industry standard for Windows products, just as FileVault 2 is for Mac.

Just because it's "Open Source" does not make it better or even more trustworthy, look at OpenSSL and Heartbleed.

As a developer, then you should know the difference between a bug causing an issue and an egregious design flaw resulting in security being classified as "null".

I've never tried mentioned software. As it is free and included as a feature on Windows it doesn't seem like the best option. I think that it's better to try some third part solutions for higher security. For example, Nordlocker is a great tool to help with this matter.