
My Encrypted SSD Drive Can Be Unlocked by Anyone? - transpute
https://medium.com/asecuritysite-when-bob-met-alice/doh-what-my-encrypted-drive-can-be-unlocked-by-anyone-a495f6653581
======
stamps
"So while the usage of TrueCrypt has faded, especially when its open source
developers gave up maintaining the code, it has been up to Microsoft BitLocker
to take over and become the tool of choice for encrypting disk drives."

That made me bit worried there'd be no mention of Veracrypt later in the post.

------
jsiepkes
> A particular risk is Windows BitLocker — which has a virtual monopoly in the
> market place for complete disk encryption — as it often relies on the
> hardware encryption used in the SSD drives.

Seriously? Microsoft trusts SSD / HDD firmwares to do what they claim? SSD
firmware is often just as bad as most UEFI implementations. I mean, they must
know that, right? I can't believe they would be that naive?

~~~
eikxyz
For businesses, security is mostly about having someone to blame. If Microsoft
did not leverage the hardware encryption capabilities in the drives they would
end up being responsible for the performance not being as good.

In the world of proprietary black boxes, security is evaluated by the claims
of the product sheet.

Microsoft is trusting SSD manufacturers to do the right thing, just as
businesses are trusting Microsoft BitLocker to do the right thing.

Personally I trust Microsoft to make decisions that are good for their stock
holders. That means having just enough security to avoid ending up with the
blame in cases like this.

Samsung's lawyers are probably brain storming ways to get back at those pesky
security researchers who made them look bad.

------
beatgammit
> along with hardware encryption

Why? Why not just use software encryption?

------
philistine
The article fails to mention Apple. Are they affected by this?

