For now I plan to enable the hardware based encryption in my bios. Unless I get a developer I doubt I will get a good answer to which is the better option. I have reached out to Samsung but given the limited info on this. To answer your question I don't really know which is faster. You will need to follow some of the steps in the article above, like turning off CMS. You can enable hardware based encryption via the BIOS by setting the master password. v 4.9.6 (v5 no longer supports this) to wipe the drive and enable the hardware based encryption. (note you must have an SSD with a TMP chip)īitlocker is compatible with hardware based encryption, you can use samsung magic. you could see a minimum of a 10% drop in performance.
ENCRYPTSTICK LITE VS BITLOCKER SOFTWARE
It is always better to use hardware based encryption on a self encrypting drive, if you use the software based encryption on bitlocker or another encryption program it will cause anywhere between a 25% and 45% slowdown in read write speeds. I'v been doing some research on this and have a half complete answer for you. What is the question on Linux I would recommend LUKS, for example. If your disk is on the list, you're better off using something else entirely since Bitlocker would use the drive encryption anyway.
ENCRYPTSTICK LITE VS BITLOCKER CRACKED
So the answer really is since Bitlocker uses the disks hardware encryption, and has it's own vulnerabilities on top of that, you're better off using the hardware encryption if your SSD is not on the list of cracked SSDs. More information about the SSD encryption problem here:Īnd the actual paper (as PDF) delving deeper into the problem here:
Which means that if that encryption itself has been cracked, the user essentially has no protection at all.ĭrives that are known to be suffering from this vulnerability include (but are probably not limited to): SSD drive hardware encryption and Bitlocker:Ī new vulnerability has surfaced in 2018 if a SSD disk has hardware encryption, which most SSDs have, Bitlocker defaults to using only that. What remains (known) include, for example, the "Cold Boot Attack" - the newest version of which really isn't Bitlocker specific (you need physical access to a running computer and steal the encryption keys, and anything else, straight from the memory). There have been several ways to breach Bitlocker in it's history, luckily most of them have already been patched / mitigated in 2018.
Maybe it is of use to someone doing a search in 2018 and later. Old question, but since then several new developments have been found concerning Bitlocker and drive encryption (used either alone or in combination), so I will turn couple of my comments on the page to an answer.
0 kommentar(er)
