Some SSDs have had their full-disk encryption password be 32 NULL bytes, no matter your input 🤦‍♂️ (PDF)

@x0rz "why don't we use the SSDs that have encryption support?"

Yeah, that's why.

@rysiek @x0rz 32 x NULL looks way too much like getRandom() { return 4; }

can the companies making these SSD be sued for false advertising?

@x0rz "BitLocker, the encryption software built into Microsoft Windows
will rely exclusively on hardware full-disk encryption if
the SSD advertises supported for it. Thus, for these drives, data
protected by BitLocker is also compromised." Tu es sur de ton "BitLocker will offload encryption when available" sur twitter ?

@x0rz I guess as soon as bitlocker doesn't use Hardware Encryption, we're fine. To check : "manage-bde -status c:" should NOT return "Hardware Encryption" after "Encryption Method" (on win10 at least)

@Nono Oui, c'est exactement ce que je dis. "BitLocker will offload encryption on hardware when available" - si la fonction est prise en charge par le SSD, alors le chiffrement ne sera pas software mais hardware, de manière transparente pour l'utilisateur

@x0rz ah, désolé, erreur de compréhension sur le "offload". Merci pour l'info :)

@x0rz bon, mon SSD supporte le 'hardware encryption' mais mon bitlocker ne l'utilise pas ... #3615mylife

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!