For those not following the consumer SSD market closely, this is a bit of an upset. Previously, Samsung was king and basically unchallenged on price/performance for mainstream and high performance loads. Now we've got Western Digital, previously seen as a spinning rust king with an SSD side business, coming in and making an extremely competitive offering. While they're not strictly better, they're the best the market has seen from outside Korea or Intel.
If you want to quickly get the long-short of the review, check out the 'Destroyer' benchmark[0] and the price/gb chart[1]. Though I recommend reading the entire thing, anandtech reviews are a treat.
As a side note, WD bought SanDisk. While they had bought STEC before this, SanDisk brought scale and much larger engineering force. WD had a great brand, and these two things may work together for them.
Not to mention that Sandisk’s reliability and firmware was (is) a great measure better than Samsung’s - which has more than its share of problems and scandals.
In comparison to general processing, I haven't been keeping up with advancement in SSD/flash memory technology very much. Is the market still the cut-throat low margin hell hole I remember it being, or has technological improvement slowed to a point where performance gain is now much more difficult to achieve?
It's both, depending on the segment. The vast majority of SSD controllers can easily saturate the SATA bus, so there's not really much room for differentiation in 2.5"/M.2 SATA drives. But when you've got a PCIe-3 x4 bus to work with, as is the case for the NVMe drives being compared in this article, it's a whole different ball game. There the bottleneck is the controller (and to a much lesser extent, the flash itself). For a while Samsung was really the only game in town, as far as high-end performance goes, but it seems like WD has finally got a worthy competitor. Now it just remains to be seen how well the drives hold up (bad controller firmware can put up high performance numbers at the expense of the longevity of the flash (aka your data)).
The NAND industry went into a severe shortage (as NAND goes) along with DRAM. However, NAND shortage happened due to 2D to 3D. While 3D allows for high cell density, it also made Capex go from about 8B to around 25B as an industry. One of the reason Lam stock price has been on a tear. NAND spot pricing went up somewhere between 200-300% for like on like technology. Margins exploded, and the industry grew larger than any forecasts. There is a big debate on if the margins will stay high. While DRAM is still edging up, we may have seen some lowering of NAND pricing. So cost reduction is coming from mixing to MLC and TLC with better architectures in the same package.
It has stabilized into a modest margin business for the few big companies that dominate it. Very similar to how the HDD market did. Based on the margins Western Digital has been seeing lately, I'd say it's even more lucrative.
Western Digital almost has 20% operating income margins at this point, that's a notch below where Intel is typically at (25%-30%) and comparable to Cisco. Their latest two quarters saw them generate $1.85 billion in operating income on $10.5 billion in sales. Not bad.
Is this monopolistic/cartel-like in nature, or is purely due to the costs of capital expenditures for research and development? Also, https://en.m.wikipedia.org/wiki/Pork_cycle.
Samsung supports AES-256 hardware encryption on pretty much all their drives I don't see that on these WD / Sandisk products that is kind of a deal breaker for me.
Personally, I now prefer to do crypto using FOSS software, even if it means a CPU performance hit. Who knows which crypto library is being used with hardware? I had certainly never heard of Infineon's RSALib before CVE-2017-15361 caused me to have to revoke one of my RSA keys that was generated on a Yubikey.
Now I'm not one to go quoting ESR, but it's essentially because FOSS crypto software is widely used and has had a lot of eyeballs on it. Clearly that doesn't grant it immunity from bugs, but given my recent experiences, I'm a lot less trusting of hardware manufacturers to get crypto right.
I'm familiar with the sentiment but there are numerous high profile CVE's in the past decade that persisted in FOSS for long periods despite wide use and many eyes. The only hardware one I'm aware of is the YubiKey.
I think we agree that the many eyes maxim isn't as big of a factor as some might make it out to be, perhaps it's more of a "the devil you know" situation. With hardware there isn't a lot of transparency around the implementations that are used, so it just makes me feel uncertain. I'd rather throw my lot in with OpenSSL and GPG than unknown library X.
Also, it wasn't just Yubico products that were impacted by the vulnerability. It was estimated that 25% of all TPM devices globally were impacted, which adds up to millions of smartcards.
One annoying thing is that Samsung NVMe drives do not support the things that would allow Microsoft Bitlocker to use the drive's hardware encryption and just manage the keys.
It's quite surprising if WD does not have the build-in encryption(). Typically the secure erase on the drives is using this. For example on Samsung the data is always encrypted and doing a secure erase means just generating new encryption key and removing the old one. On SSD this is pretty crucial, because you can't wipe the contents by just writing random stuff on drive. The drive is managing the writes (wear leveling algorithms) and might not actually overwrite existing data.
() Of course it is be possible that they have this internally, but just don't expose the password part to user. Could not see anything on the specs on quick search.
It doesn't say it does on the spec and doesn't have a PSID printed on the label in the photo which are two strong indicators that it doesn't support it.
So you run without OS level FDE and trust a drive level crypto function? How does key management work, do you input the AES key at a firmware prompt on boot / wake from sleep, or is there transparent OS support for this?
If you are talking about a drive following the TCG OPAL spec there is typically a Data Encryption Key (DEK) and an Access Key. The DEK is generated in the drive and never leaves it. The DEK is encrypted with the access key that the user specifies. sedutil is an open source project that works with these drives it is OS agnostic.
On laptops with an FDE disk, there's a password prompt on bootup (not wakeup from suspend to RAM - possibly configurable) before you can do anything else with the machine. Seen on Dell E models and Thinkpad T models.
Sounds like it's pretty easy to compromise this kind of encryption if you steal a laptop that's suspended [1].
One of the easiest attacks mentioned is to just keep the drive powered and plug the sata data port into another computer.
Another risk is that you don't know if the crypto is secure. There are lots of possibilities to get things wrong [2].
It seems inevitable that the further you get from end-to-end crypto, the less secure it is.
None of the scenarios detailed in your 1st reference are an inherent vulnerability of SEDs it is describing vulnerabilities in the software that drives the SEDs or physical designs of the computers they are installed in. Also, reset attacks apply to software encryption as well as SED's.
Check out the sedutil project on Github it's an opensource implementation of software to manage SED's
If you want to quickly get the long-short of the review, check out the 'Destroyer' benchmark[0] and the price/gb chart[1]. Though I recommend reading the entire thing, anandtech reviews are a treat.
[0] https://www.anandtech.com/show/12543/the-western-digital-wd-... [1] https://www.anandtech.com/show/12543/the-western-digital-wd-...