Tested: Windows 11 Pro’s On-By-Default Encryption Slows SSDs Up to 45%::Windows 11 Pro defaults to BitLocker being turned on, using software encryption. We’ve tested the Samsung 990 Pro with hardware encryption to show how the various modes impact performance, and how muc
I don’t know the answer to this, but somehow I trust apple more to get this right. They make money primarily on hardware, so they have a vested interest in making sure it works properly.
Edit - lol apparently I am wrong
Except for the fact that I’m right. Apparently I struck some kind of nerve. Apple is good at hardware. I use a pixel and I can admit this. They know what they are doing.
You’re right, but not for the reason you’re citing. Apple has its own T2 Secure Enclave which performs encryption. Microsoft relies on the TPM for hosting the keys, but does not use AFAIK hardware encryption and thus slows down significantly.
This article: https://eclecticlight.co/2023/03/03/whats-the-overhead-of-using-apfs-encryption/ shows that for an external drive the overhead on MacOS for encryption is insignificant (less than 5%) in most cases. That’s significantly better than Microsoft.
Even before Apple added custom chips, just using the intel AES instructions, their encryption performance penalty was like 3% https://archive.techarp.com/showarticle0037.html?artno=877&pgno=1
Microsoft is doing something very wrong to end up with this much overhead
It’s understandable that MS use software implementation for their disk encryption by default. Can’t trust 3rd party hardware vendors to not messing up the hardware encryption feature.
The T2 chip is only in Intel Macs. ARM Macs have the Secure Enclave too but it’s part of the main SoC, not a dedicated chip.
doing hardware encryption is not doing encryption right. the user is prone to end with encryption that has unpatchable security issues. of course that it is faster, but if I’m doing encryption speed is not a concern. I just wanted to keep it secure. And software encryption let’s me choose the software and algorithm to do that. Apple doesn’t.
You aren’t who they are making computers for. They want fast encryption, not something customizable like Linux.
Apple’s philosophy is “it just works.” Not “yeah it works eventually after you figure out what kind of encryption you want and compromise speed for the sake of security.”
Like I get what you are saying. For a power user, it is not ideal. But for most people, Apple’s hardware solution is fantastic.
they’re downvoting you because your logic was “apple does hardware so they must know better” and trusting a big corp to do your encryption better is kind of innocent.
anyway, seeing that they do hardware encryption, they are right to downvote you. I’m not with Microsoft either, bitlocker is probably backdoored, but hey, at least you’re not trusting your hardware manufacturer to actually maintain an up-to-date secure firmware.