> While many SSDs come with hardware-based encryption, which does all the processing directly on the drive, Windows 11 Pro force-enables the software version of BitLocker during installation
IIRC, I thought the whole reason for this was because the hardware-based encryption turned out to be so terrible on just about every drive that Microsoft just decided to not even bother using it.
> IIRC, I thought the whole reason for this was because the hardware-based encryption turned out to be so terrible on just about every drive that Microsoft just decided to not even bother using it.
From 2018:
> The two [researchers] say that the SEDs they've analyzed, allowed users to set a password that decrypted their data, but also came with support for a so-called "master password" that was set by the SED vendor.
> Any attacker who read an SED's manual can use this master password to gain access to the user's encrypted password, effectively bypassing the user's custom password.
> The only way users would be safe was if they either changed the master password or if they'd configure the SED's Master Password Capability setting to "Maximum," which effectively disables it.
I wouldn't use them. Is there any chance at all that those don't have an NSA backdoor? I think most hardware encryption just XORs on the phrase "We're the government. It's for your own good."
Windows encryption could at least theoretically be audited via decompilation, whatever firmware happens to be installed on your random hard drive? Not a chance.
I think if a state entity is dead set on acquiring your data, they will do that once they have access to the chips.
This notion that your encryption (any encryption) is going to stop a state-funded actor from getting to your data is just as ridiculous IMO as the people who stockpile AR-15s and cosplay soldiers on the weekends thinking they're a realistic threat to the same military that has Predator drones.
If the government wants your data, they probably already have it, just like if they wanted you dead, you'd already be in the ground. Assuming there's enough left of you to bury anyway.
"State actor defeatist"-style arguments against taking any technical precautions often conflate two things that the government does: 1. Large scale mostly passive dragnet surveillance, 2. Individually targeted surveillance.
Reasonable people can admit that they can't do much about case 2, while still believing that applying countermeasures against 1 can be effective. Also note there is more than one government in the world that may intend to exploit your lack of privacy...
Just because you've given up on privacy and sovereignty doesn't mean you should go around infecting others with the same contagion.
True, but worrying that your hard disk encryption is vulnerable to the NSA is something that only makes sense if you're dealing with case 2, not case 1.
If I’m encrypting my disk, the NSA is far at the bottom of people I want to be safe from. At least the NSA might make a reasonably well implemented backdoor.
My sympathies to you if you feel the NSA is the biggest threat you're facing. I just don't want someone who steals my laptop to be able to empty my bank account. That's why I always turn whole disk encryption on.
Well if I were trying to defend myself against the NSA I would be doing different things entirely… alas there is no threat model I’m concerned with that includes the NSA. For starters hard drive encryption would be the least of my worries.
Exactly this. If your threat profile includes the possibility of special governmental attention, then you're playing a much more serious game and need to be off the grid entirely.
And if you use Windows the way Microsoft wants you to, all your data is already on OneDrive, Teams, SharePoint (which actually is the backend for the former too). Which the NSA can simply demand access to.
If it does, there's zero chance that Microsoft knows about it.
When your company is worth $2,427,000,000,000, you'd have to be insane to risk it all like that.
On-drive encryption serves to allow for secure erase which would otherwise require an entire write cycle and cannot be done at an OS level anyway due to wear leveling and reserved space.
It is not intended for providing privacy or security.
Secure erase works on the assumption that encrypted data is indistinguishable from random noise AND that the attacker cannot recover the encryption key. Insecure implementations of encryption will leave some way to recover/reverse engineer the key, which means they are useless for secure erase as well.
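The crypto-erase argument in the comment above and the reply to it, worked as a toy model (an added example, not code from the thread): a simulated self-encrypting drive whose data encryption key is kept only wrapped under the user's password, so erasing the wrap erases every sector without rewriting it. SHA-256 in counter mode stands in for the drive's AES-XTS engine, the `leak_dek` variant models the insecure implementation the reply warns about, and all names and sample values are constructed.

```python
import hashlib, math, os
from collections import Counter

SECTOR = 512
ROUNDS = 100_000  # PBKDF2 iterations for the password-derived wrapping key

def keystream(key, nonce, length):
    # Toy stream cipher (SHA-256 in counter mode) standing in for the drive's AES-XTS engine.
    out, ctr = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def entropy_bits_per_byte(data):
    # Shannon entropy; encrypted sectors and fresh media should both score close to 8.0
    return -sum(c / len(data) * math.log2(c / len(data)) for c in Counter(data).values())

class SimulatedSED:
    """One random DEK encrypts every sector; it is stored only wrapped under a key
    derived from the user's password, so discarding the wrap discards the data."""
    def __init__(self, sectors, password, leak_dek=False):
        self.dek = os.urandom(32)
        self.media = bytearray(os.urandom(sectors * SECTOR))  # fresh media is already noise
        salt = os.urandom(16)
        kek = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
        self.metadata = {"salt": salt, "wrapped_dek": xor(self.dek, keystream(kek, b"wrap", 32)),
                         "check": hashlib.sha256(b"check" + self.dek).digest()}
        if leak_dek:  # models broken firmware that also keeps the DEK in the clear
            self.metadata["plain_dek"] = self.dek

    def write(self, lba, plaintext):
        off = lba * SECTOR
        ks = keystream(self.dek, lba.to_bytes(8, "big"), SECTOR)
        self.media[off:off + SECTOR] = xor(plaintext.ljust(SECTOR, b"\0"), ks)

    def read(self, lba, dek):
        off = lba * SECTOR
        return xor(bytes(self.media[off:off + SECTOR]), keystream(dek, lba.to_bytes(8, "big"), SECTOR))

    def unlock(self, password):
        # Returns the DEK for the right password; None for a wrong one or after an erase.
        if "wrapped_dek" not in self.metadata:
            return None
        kek = hashlib.pbkdf2_hmac("sha256", password.encode(), self.metadata["salt"], ROUNDS)
        dek = xor(self.metadata["wrapped_dek"], keystream(kek, b"wrap", 32))
        return dek if hashlib.sha256(b"check" + dek).digest() == self.metadata["check"] else None

    def crypto_erase(self):
        # Secure erase: drop the wrapped DEK and rotate the live one; no sector is rewritten.
        for k in ("wrapped_dek", "check"): self.metadata.pop(k)
        self.dek = os.urandom(32)

def recoverable_after_erase(drive, password, lba):
    # Audit check: can the old sector still be read with any key left on the drive?
    dek = drive.unlock(password) or drive.metadata.get("plain_dek")
    return dek is not None and drive.read(lba, dek).rstrip(b"\0").isascii()
```

The audit function is what matters for the reply's point: a drive that still holds a usable copy of the old key after the erase command has not erased anything.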
It depends on your threat model. Just enabling BitLocker will defeat someone from plugging in a Linux live USB and resetting your Windows password. For corporate security ATA Secure Erase done by a vendor who accepts liability and gives them a "certificate of data destruction" may be enough to meet HIPAA, FERPA, SOX compliance requirements. Or they consider drives cheap enough that physically shredding them to ensure no mistakes is the better choice. At the national security level you pulverize the drives after zeroing them, likely in a windowless room inside a facility with armed guards.
As one who's actually had the pleasure of getting to use one of the classified drive destroyers, there aren't armed guards. Not sure if there's a requirement that it be done in a room with no windows, though.
My point was that Kenny's claim is that on-drive encryption allows for easier "erasure", presumably by deleting the keys needed to decrypt the data and leaving the drive in the same state.
If that process is good enough to ensure proper "erasure" of the data (effectively complete prevention of data access), then how is it not equally secure as an encryption schema?
Combine this with the performance hit from continuous Windows Defender scanning and whatever spyware (e.g. Carbon Black) that IT installed, and you quickly get to an actively productivity-antagonistic performance situation on Windows.
I have a Surface Laptop 4. Watching YouTube full screen with almost nothing else running has the fan at high speed all throughout, and battery dead after 3h. I’m not even mad. It’s just sad.
YouTube defaults to VP8/VP9 encoded video that you most likely decode in software. Install the h264ify Chrome/Firefox add-on and it's likely going to get better.
My employer switched to MsSense.exe (Windows Defender Advanced Threat Protection I think) which is even worse than Carbon Black. Especially in terms of performance.
A modern PC/laptop - one with a Zen 4 or Intel 12-14 gen CPU with 8+ cores - has so much spare performance that it works perfectly well with software encryption, Defender scanning, memory isolation, security bug mitigations, etc.
Don't know about enterprise IT software - haven't worked in/with big companies lately.
1. A good percentage of corp people do not have these specs.
2. The whole point of the comment was enterprise IT software, and I can confirm it severely impacts the performance of high-spec computers with stuff like 32GB mem and NVMe SSDs.
Oh, god. Yeah. With government contracting, it gets just plain surreal, like everything else about working in Defense.
Not disk encryption, but my personal nightmare happened a decade ago, when MIS found out I had a data background, and they needed someone to resolve network latency issues, they told me 37k on what was supposedly gigabit ethernet. They pointed me at their security doohickey, the DMS, and a giant pile of pcap files. I had zero idea what I was doing, but I came back with 80% +++ infosec garbage, like, everywhere, even the packets on the factory floor and other dumb metal. I must have checked and rechecked a bazillion times - as mentioned, I really didn't know what any of this stuff was, and relied on text mining and Wikidata. After ganking the entire DMS into my magic widgets, found that there were seventeen network packet analyzer / security products all spooging into the network, all - if I can trust my gensim skills - reporting on each other, because ALL of them were implemented completely separately. Each one was some idiot program manager parroting instructions - forcing network changes - from the customer based on who knows how many deadend procurement officers. And judging from the contract documents, the sniffers were the tip of the iceberg: it was across the board for AV, encryption, email settings, you name it - you probably need to review all of that.
It was a mess, but the guy who brought me in - damn, he was a really nice guy, realized that I was a pay grade above janitor at the time, tried to make my life decent - that guy . . he looked actually sick, like, "I-need-a-toilet-right-now" sick. Above him, no one wanted to tell the level above, so we kept getting kicked upstairs until we ended up at E-level and they're calling the Overlords in the corporate office. In the end, nobody wanted to rock the boat, for fear of running afoul of some random procurement officer or other (who could of course become VPs any second, or any quarter they needed a quick sale). And so it remained. As far as I know, their security setup remains unchanged to this day.
Ah, that wasn't even the worst of that kind of thing to happen, but that's another story, in an area where I was actually semi-qualified . .
Yeah, back in 2020-2021 I got a 16" i9 MacBook, objectively better than my own, but the amount of software they loaded (we are still talking about macOS) slowed things down too much. Corporate mandated stuff, compliance software, IT provisioning yadayada, mandatory update reminder app, something that fired an email warning whenever I connected a USB gadget, etc.
Also most of the macOS corporate software is really really poor quality. A lot of these are really poor Windows ports that don't use the Apple native installer, reinvent their own Windows registry equivalent instead of just using defaults/plists, and often have UIs straight out of Windows. Terrible crap.
I managed Macs for years and it was not fun. And I had no choice because all this software was mandated by the security team.
This take ignores that software evolves to be ever more bloated as well. With ever more hardware to throw at issues, software didn’t have enough evolutionary pressure to remain or become efficient. I argue that’s beginning to show.
Look at what our software actually does and the actual resources used in doing so. Compare that to the theoretical minimum required. That ratio has been growing steadily. In the 80s, when your systems were simple and things were Assembly or C, not much efficiency was lost. Nowadays, enormous efficiency is wasted on telemetry, security measures (AV, Spectre etc. mitigations), programming in the name of being cross platform (Electron, …), indirection (APIs calling APIs ad infinitum), …
I think about this every time I use a computer. I think it's genuinely shameful how we waste most of the amazing computing power even the least expensive of modern machines have.
There is undoubtedly a lot of power in recent machines, but I think a lot of these processes are single core and serial: e.g. performance penalty from CPU security mitigations -> performance penalty to decrypt files off disk -> performance penalty to virus scan every file as it is read
This is not really a CPU issue, it's a disk issue. For a lot of workflows, Windows already has inferior I/O performance compared to Linux even with AV disabled, so more on-by-default security features is not exactly helpful for developers.
I guess mileage varies but I'm using Windows 11 Pro and running `manage-bde -status` tells me none of my drives are encrypted. And I don't remember being offered to when installing it.
The sources are their own tests described further down in the article. It mostly describes slowdowns of between 0–20%, but does say:
> But the critical aspect is that software BitLocker dropped random write performance by 45% compared to hardware BitLocker.
I don't think consumers are engaging in a lot of sustained random writes. On the other hand, it might be a reason to avoid software encryption on a database server with a lot of writes.
They show graphs of their tests with PCMark 10 Storage and CrystalDiskMark. Using CrystalDiskMark to test random 4K writes, they are massively slower when using software BitLocker.
Better maybe, but you'll never sleep well if you leave your laptop in your car. In fact, none of us can park in peace because people leave laptops in vehicles.
Only if you shut down. Otherwise the TPM key is still in memory and everything is unlocked.
Going off how many people compliance have to chase to restart for updates, a lot of people think sleep is fine.
Your average thief has no idea how to get into a system which is asleep but screen-locked. FDE means your machine gets wiped and resold, or sold for parts... but your data on the system remains private.
That's not how you assess performance at all. Maybe you can saturate the NVMe link with AES in ideal circumstances, but you may be killing memory mapping and churning I$.
To say anything interesting about performance on these modern machines, you would have to benchmark some real workload.
Speaking of which, software that doesn’t use the AES-NI instructions is becoming glaringly obvious because the performance difference is so huge.
In the era of mechanical drives and 2 Mbps “broadband” nobody would notice. Now with SSDs and gigabit home internet, people do notice but vendors are still pretending they can just ignore the need to offload encryption.
VPN products, and IPsec especially, are almost always a disaster in my experience.
When evaluating any kind of network security product like a virtual WAN appliance, tunnel, or whatever, check the throughput. If it can get tens of gigabits for a single stream then it is using some sort of offload. If it seems to hit the wall at around 1.5 Gbps per core, do not buy.
How much does this affect other processes happening at the same time? If I'm playing an open world game that streams the environment off the SSD, how much is this going to contend with my CPU issuing draw calls, doing physics calculations, etc.?
I run FDE on all my machines, encryption and sector sizes are aligned, and I can still do 3000 MB/s I/O no problem. Doesn't affect anything I'm running, even databases like Postgres.
But this is just Windows 11 Pro, though, not Enterprise. I guarantee you gamers (who are probably a big contingent of people who buy Pro but not Enterprise) are going to be turning this off so fast.
FDE's purpose isn't just to prevent you from pulling a disk out and imaging it to get all the data. It also makes it far quicker to do disk wipes. If someone yanks your laptop you can have the IT guy wipe it in a minute or two. Without FDE, whatever bossware is enforcing the device management would have to actually overwrite every sector of the disk, which can take hours and would be extremely noticeable to anyone extracting data off the machine.
Why would it need to wipe every sector of the disk? As ilyt stated, there's no need to encrypt game files. There's also no need to wipe them. Just the directories where important data resides.
FDE means you don't leak data to unencrypted parts of the file system. Temporary files and browser cache are areas sensitive information can be inadvertently left behind. With FDE you can check off the box "encrypted at rest" without having to qualify it with asking if the data is in the right folder or vault, if temp files are overwritten, etc.
Right. But technically "every sector of the disk" isn't necessarily what bossware needs to wipe if an unencrypted laptop is taken. Only elements which allow access to crown jewels, relevant credentials, etc.
I'm an advocate for FDE across the board (literally all of my devices are on Windows 11 Pro, primarily so I at least have access to BitLocker across the board), but it's disingenuous to claim that the only alternative to FDE when a device is taken would be to initiate a sector-by-sector wipe. He was responding to ilyt's comment about how only certain data is worth encrypting on pretty much every personal device (and we are talking about Win 11 Pro, not Enterprise).
I’ve said it before and I’ll say it again, it’s a matter of time before Windows runs on the Linux kernel. It’ll just be this big monoculture like Chromium with browsers. There really isn’t any reason to duplicate all this effort in maintaining an OS. Might as well have the whole world pitch in on one strong project.
> If you are working with a desktop PC in your home and you feel really confident that nobody's going to have unauthorized physical access to the computer, you might want to do without encryption.
Do you also feel confident nobody will pick your drive up at the landfill where it's going to end up?
Agreed, that feels like horrible advice. Even encryption with a password of “hunter2” is worthwhile in that it would stop untargeted access.
Crackhead burgling my home is significantly higher risk than the NSA trying to grab my data. If the NSA wants it, my cute 32 character random password is probably insufficient to stop them.
Yea, I'm not sure about the US, but a few friends have had their stolen phones immediately used to contact everyone on WhatsApp asking for money, SIM swapped, and attempts made to access all possible 2FAs on socials, banking, whatever they can get a hold of within the same day. For something so easy to set up as FDE on a computer, or a SIM PIN in addition to the phone's passcode (to prevent them from accessing the mobile network, which I forever dismissed, but after seeing how they operate I started adding the PIN as well), it's a no brainer really.
Yeah, back then I thought in the lines of "well whatever if they call people with it, what are they gonna get? Minutes off my plan?" But that was at a time when we didn't have so much tied to a phone number, or I could still opt out of it, which I did for years.
Was it always like this with Windows and software BitLocker then? On the Mac, for more than 10 years FileVault FDE has been unnoticeable in terms of a performance hit. I remember that back then, before Macs had SSDs, they also offered FV that only encrypted the user folder.
Your coworker is "full of it" for the following reasons:
- Storage is always encrypted on Apple Silicon Macs.[1]
- You can enable FileVault, but all FileVault does on Apple Silicon is add the user's password as an additional key[2]. There is not an additional performance hit with FileVault.
Wow! So this explains why setting it up later down the road is almost instant on Macs with T2 or M1/M2? Because IIRC with pre-2016 Macs there was a long wait if you had already been using that disk for a while.
I’d want to see real benchmarks to make sure that’s not due to a confound (e.g. updates used to be slowed by things like Homebrew having huge numbers of files in the /usr/local directory which were inefficiently moved & restored by the installer). Every time I’ve tested it the difference has been negligible.
Is this a new thing? I installed Windows 11 fresh about a year ago and it did not force me (or to my memory, even offer) to use BitLocker during setup.
I spent a lot of time on my last install to get hardware encryption to work. While it has been disabled by Microsoft by default, I prefer to have it enabled as it covers my threat model.
The only thing that is hard to find these days is SSDs with 4K AND OPAL. The WD 850X has 4K clusters, but not OPAL.
The Samsung 980 Pro has 512B clusters, and OPAL. Not sure about the Samsung 990 Pro.
I don't know what Windows 11 Pro version has BitLocker on by default, but none of the systems I have at home enabled it as a default setting. Whether upgrading from 10 or completely nuking the drive and installing fresh, I haven't seen it be a default setting.