Tested: Windows 11 Pro’s On-By-Default Encryption Slows SSDs Up to 45%::Windows 11 Pro defaults to BitLocker being turned on, using software encryption. We’ve tested the Samsung 990 Pro with hardware encryption to show how the various modes impact performance, and how muc

  • MooseBoys@lemmy.world
    link
    fedilink
    English
    arrow-up
    44
    ·
    1 year ago

    Deliberately using software encryption mode is slow; no shocker there. Their same testing showed no significant difference when hardware encryption mode was used.

    • Spotlight7573@lemmy.world
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      There’s a reason they default to software though, the hardware can’t be trusted:

      https://www.tomshardware.com/news/bitlocker-encrypts-self-encrypting-ssds,40504.html

      Those people were actually worse off than anticipated because Microsoft set up BitLocker to leave these self-encrypting drives to their own devices. This was supposed to help with performance–the drives could use their own hardware to encrypt their contents rather than using the CPU–without compromising the drive’s security. Now it seems the company will no longer trust SSD manufacturers to keep their customers safe by themselves.

      Linked from that article:

      https://www.zdnet.com/google-amp/article/flaws-in-self-encrypting-ssds-let-attackers-bypass-disk-encryption/

      Researchers at Radboud University in the Netherlands have revealed today vulnerabilities in some solid-state drives (SSDs) that allow an attacker to bypass the disk encryption feature and access the local data without knowing the user-chosen disk encryption password.

      The vulnerabilities only affect SSD models that support hardware-based encryption, where the disk encryption operations are carried out via a local built-in chip, separate from the main CPU.

    • jvisick@programming.dev
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      1
      ·
      1 year ago

      Sure, but I suspect this is the real motivation for the article:

      Windows 11 Pro force-enables the software version of BitLocker during installation, without providing a clear way to opt out

      It sounds like many people may be using software encryption without realizing it, if Windows 11 Pro uses it by default.

      • Spotlight7573@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        1
        ·
        1 year ago

        It’s SSD dependent and implementation quality may vary between manufacturers and models. Some may not actually protect your data all that well from someone trying to access your data, hence Microsoft defaulting to software they know works.