Samsung supports AES-256 hardware encryption on pretty much all their drives I don't see that on these WD / Sandisk products that is kind of a deal breaker for me.
Personally, I now prefer to do crypto using FOSS software, even if it means a CPU performance hit. Who knows which crypto library is being used with hardware? I had certainly never heard of Infineon's RSALib before CVE-2017-15361 caused me to have to revoke one of my RSA keys that was generated on a Yubikey.
Now I'm not one to go quoting ESR, but it's essentially because FOSS crypto software is widely used and has had a lot of eyeballs on it. Clearly that doesn't grant it immunity from bugs, but given my recent experiences, I'm a lot less trusting of hardware manufacturers to get crypto right.
I'm familiar with the sentiment but there are numerous high profile CVE's in the past decade that persisted in FOSS for long periods despite wide use and many eyes. The only hardware one I'm aware of is the YubiKey.
I think we agree that the many eyes maxim isn't as big of a factor as some might make it out to be, perhaps it's more of a "the devil you know" situation. With hardware there isn't a lot of transparency around the implementations that are used, so it just makes me feel uncertain. I'd rather throw my lot in with OpenSSL and GPG than unknown library X.
Also, it wasn't just Yubico products that were impacted by the vulnerability. It was estimated that 25% of all TPM devices globally were impacted, which adds up to millions of smartcards.
One annoying thing is that Samsung NVMe drives do not support the things that would allow Microsoft Bitlocker to use the drive's hardware encryption and just manage the keys.
It's quite surprising if WD does not have the build-in encryption(). Typically the secure erase on the drives is using this. For example on Samsung the data is always encrypted and doing a secure erase means just generating new encryption key and removing the old one. On SSD this is pretty crucial, because you can't wipe the contents by just writing random stuff on drive. The drive is managing the writes (wear leveling algorithms) and might not actually overwrite existing data.
() Of course it is be possible that they have this internally, but just don't expose the password part to user. Could not see anything on the specs on quick search.
It doesn't say it does on the spec and doesn't have a PSID printed on the label in the photo which are two strong indicators that it doesn't support it.
So you run without OS level FDE and trust a drive level crypto function? How does key management work, do you input the AES key at a firmware prompt on boot / wake from sleep, or is there transparent OS support for this?
If you are talking about a drive following the TCG OPAL spec there is typically a Data Encryption Key (DEK) and an Access Key. The DEK is generated in the drive and never leaves it. The DEK is encrypted with the access key that the user specifies. sedutil is an open source project that works with these drives it is OS agnostic.
On laptops with an FDE disk, there's a password prompt on bootup (not wakeup from suspend to RAM - possibly configurable) before you can do anything else with the machine. Seen on Dell E models and Thinkpad T models.
Sounds like it's pretty easy to compromise this kind of encryption if you steal a laptop that's suspended [1].
One of the easiest attacks mentioned is to just keep the drive powered and plug the sata data port into another computer.
Another risk is that you don't know if the crypto is secure. There are lots of possibilities to get things wrong [2].
It seems inevitable that the further you get from end-to-end crypto, the less secure it is.
None of the scenarios detailed in your 1st reference are an inherent vulnerability of SEDs it is describing vulnerabilities in the software that drives the SEDs or physical designs of the computers they are installed in. Also, reset attacks apply to software encryption as well as SED's.
Check out the sedutil project on Github it's an opensource implementation of software to manage SED's
