You Can’t Trust BitLocker to Encrypt Your SSD on Windows 10

[harlan4096]

Some SSDs advertise support for “hardware encryption.” If you enable BitLocker on Windows, Microsoft trusts your SSD and doesn’t do anything. But researchers have found that many SSDs are doing a terrible job, which means BitLocker isn’t providing secure encryption.

Many SSDs Don’t Implement Encryption Properly

Even if you enable BitLocker encryption on a system, Windows 10 may not actually be encrypting your data. Instead, Windows 10 may be relying on your SSD to do it, and your SSD’s encryption may be easily broken.

That’s the conclusion from a new paper by researchers at Radbound University. They reverse engineered the firmwares of many solid-state drives and found a variety of issues with the “hardware encryption” found in many SSDs.

The researchers tested drives from Crucial and Samsung, but we definitely wouldn’t be surprised if other manufacturers had major issues. Even if you don’t have any of these specific drives, you should be concerned.

For example, the Crucial MX300 includes an empty master password by default. Yes, that’s right—it has a master password set to nothing, and that empty password gives access to the encryption key that encrypts your files. That’s crazy.

Full reading: https://www.howtogeek.com/fyi/you-cant-t...indows-10/

[jasonX]

Master password set to nothing! Wow and that they do not even tell us or guide us to secure it huh....tsk
Thanks for the info!