SSD is hacked to pieces - this says Samsung you should do

IT | Nov 8, 2018 | Master3395

This is the list of devices that are not secure.

Security researchers have revealed critical errors in the security of a number of popular SSD disks.

Physical access to the disk is required
The researchers have found that they can relatively easily modify the firmware, or use a debugger, to change the password in the SSD and thus decrypt content that should initially be encrypted and hidden behind a password.

The problem here is that the error affects highly popular devices like:

Not difficult with some knowledge
Another problem here is that customers believe that hardware encryption is safer than software, but it's not true in this case simply because the holes are so big and gross:

"We got all the data without knowing any secret," explains researchers Carlo Meijer and Bernard van Gastel of Radboud University in the Netherlands.
In Windows, the problem is even worse when Windows BitLocker software encryption automatically selects hard disk encryption if supported, and can, therefore, be tricked with the same newly discovered tricks.

Disable SSD encryption in Windows
You can disable SSD's hardware encryption from Windows Group Policy:

"Computer Configuration \ Administrative Templates \ Windows Components \ BitLocker Drive Encryption \ Operating System Drives" -find "Configure use of hardware-based encryption for operating system drives".

This makes the companies
Crucial has actually updated the firmware on its disks, while Samsung has more work to do since they have only patched the T3 and T5.

Samsung, therefore, recommends owners of Evo disks to use software encryption instead.

Keywords: Hardware, Security, Ssd

Sources: Bleeping Computer

Author: Master3395


comments powered by Disqus

Page 1 of 406  >  >>

Visa, MasterCard and Uber invest in Facebook's crypto currency


Jun 18, 2019 | Category: General | Comments

May be announced next week.

read more…

Google boss annoyed at Apple


Jun 17, 2019 | Category: IT | Comments

Think they are portrayed as corrupt during the unveiling of "Sign in with Apple".

read more…

Telegram exposed to massive DDoS attacks - claims China is behind


Jun 16, 2019 | Category: General | Comments

Linked to the demonstrations in Hong Kong.

read more…

Page 1 of 406  >  >>